Howto redirect internet traffic from local machine back to local machine?

Aseem Rastogi aseem at
Mon Nov 28 09:32:56 CET 2005

also traffic from local machine doesn't pass through PREROUTING chain. 
add this rule to OUTPUT chain of NAT table.

ruben at wrote:

>       This  target  is only valid in the nat table, in the PREROUTING and
>OUTPUT chains, and user-defined chains which are only called from
>those chains.
>       It alters the destination IP address to send the packet to the
>machine itself (locally-generated packets are mapped to the
> address).   It
>       takes one option:
>       --to-ports port[-port]
>              This  specifies a destination port or range of ports to use:
>without this, the destination port is never altered.  This
>is only valid if the
>              rule also specifies -p tcp or -p udp.
>- Ruben
>>Unfortunately i did not find a proper answer on the web although i googled
>>around for quite a lot of time:
>>I want to analyse a malware on my computer. The malware connects to a
>>lot of sites on the internet (hard coded in the program but unfortunately
>>these IPs are encrypted).
>>I know the port the program wants to connect to and i want to answer its
>>requests by a script on the same machine.
>>I tried this for a test to catch connections to mail servers:
>>echo 1 > /proc/sys/net/ipv4/ip_forward
>>iptables -t nat -F
>>iptables -t nat -A PREROUTING -p tcp -d ! --dport 25 -j
>>                --to
>>But it does not work:
>>$ telnet 25
>>Connected to         <--- of course, that's not my box
>>Escape character is '^]'.
>>220 {mp027} GMX Mailservices ESMTP
>>I assume the problem has something to do that the packets are generated
>>on the "iptables-machine". Unfortunately, i only have this machine and
>>i cannot send the packets through a second firewall-machine.
>>I would be very happy if any kind soul could give me a hint!
>>Thanks in advance,

If you are good, you will be assigned all the work.  If you are real good, you will get out of it

More information about the netfilter mailing list