DNAT to 127 fails
Jörg Harmuth
harmuth at mnemon.de
Tue Aug 9 12:20:12 CEST 2005
Jan Engelhardt schrieb:
>>"-j DNAT" is not intended to DNAT to localhost. The REDIRECT target is
>>for this. From "man iptables":
>
>
> I guess this has to do with the recent 2.6.11->12 change that there is no more
> implicit SNAT on -j DNAT, right? (Before, -j REDIRECT --to-ports ports was
> equal to -j DNAT --to-dest 127.0.0.1:ports)
Don't know, but with my 2.4.31 it doesn't work too (maybe a backport ?).
Only -j REDIRECT works.
Have a nice time,
Joerg
More information about the netfilter
mailing list