DNAT to 127 fails

Jan Engelhardt jengelh at linux01.gwdg.de
Tue Aug 9 11:51:31 CEST 2005


>"-j DNAT" is not intended to DNAT to localhost. The REDIRECT target is
>for this. From "man iptables":

I guess this has to do with the recent 2.6.11->12 change that there is no more 
implicit SNAT on -j DNAT, right? (Before, -j REDIRECT --to-ports ports was 
equal to -j DNAT --to-dest 127.0.0.1:ports)



Jan Engelhardt
-- 
| Alphagate Systems, http://alphagate.hopto.org/



More information about the netfilter mailing list