port 80 out new ISP

Robert Nichols rnicholsNOSPAM at comcast.net
Sat Aug 20 02:00:23 CEST 2005


Brent Clark wrote:

> iptables -t nat -A PREROUTING --dport 80 -j LOG
> Aug 19 18:40:32 gate kernel: IN=eth1 OUT= 
> MAC=00:00:f4:af:80:b8:00:60:67:77:aa:92:08:00 SRC=192.168.111.213 
> DST=66.36.247.82 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=2925 DF PROTO=TCP 
> SPT=4032 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
> 
> Notice that "OUT=" does not show eth2

Of course not.  In the PREROUTING stage no decision about where to send
the packet has yet been made.

-- 
Bob Nichols         Yes, "NOSPAM" is really part of my email address.




More information about the netfilter mailing list