DNAT to 127 fails

Jan Engelhardt jengelh at linux01.gwdg.de
Fri Aug 5 11:44:54 CEST 2005


Hi,


Connection from anywhere-on-the-internet (dsl0) to alphagate:80 only does not 
work when --to-dest is 127.0.0.1. It works with 192.168.44.1.
(It's not a bridge problem, that for sure!)
Why? Some routing problem?


iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-dest 127.0.0.1:8000

11:40 alphagate:/etc # route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
213.23.208.1    0.0.0.0         255.255.255.255 UH    0      0        0 dsl0
192.168.44.0    0.0.0.0         255.255.255.0   U     0      0        0 br0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         213.23.208.1    0.0.0.0         UG    0      0        0 dsl0

11:42 alphagate:/etc # ip a l
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
6: br0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
    link/ether 00:40:f4:79:b3:85 brd ff:ff:ff:ff:ff:ff
    inet 192.168.44.1/24 brd 192.168.44.255 scope global br0
19: dsl0: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1492 qdisc pfifo_fast qlen 3
    link/ppp
    inet 213.23.218.138 peer 213.23.208.1/32 scope global dsl0



Jan Engelhardt
-- 



More information about the netfilter mailing list