DNAT to 127 fails

Jan Engelhardt jengelh at linux01.gwdg.de
Tue Aug 9 11:51:31 CEST 2005

>"-j DNAT" is not intended to DNAT to localhost. The REDIRECT target is
>for this. From "man iptables":

I guess this has to do with the recent 2.6.11->12 change that there is no more 
implicit SNAT on -j DNAT, right? (Before, -j REDIRECT --to-ports ports was 
equal to -j DNAT --to-dest

Jan Engelhardt
| Alphagate Systems, http://alphagate.hopto.org/

More information about the netfilter mailing list