port 80 out new ISP

Robert Nichols rnicholsNOSPAM at comcast.net
Sat Aug 20 02:00:23 CEST 2005

Brent Clark wrote:

> iptables -t nat -A PREROUTING --dport 80 -j LOG
> Aug 19 18:40:32 gate kernel: IN=eth1 OUT= 
> MAC=00:00:f4:af:80:b8:00:60:67:77:aa:92:08:00 SRC= 
> DST= LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=2925 DF PROTO=TCP 
> SPT=4032 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
> Notice that "OUT=" does not show eth2

Of course not.  In the PREROUTING stage no decision about where to send
the packet has yet been made.

Bob Nichols         Yes, "NOSPAM" is really part of my email address.

More information about the netfilter mailing list