REDIRECT ports in forward chain

marko minimal at mail.ee
Wed Jan 10 19:59:47 CET 2007


is it possible to change the --dport on a packet that is forwarded through?

for example, two pc's and internet in between. both pc's have linux as 
gateways. both gateways do NAT. now, i'd like to access port 8080 on machine 
A from machine B. for example telnet X.X.X.X 8080. normally i'd have to do a 
DNAT on machine A's gateway for that port, right? but i would like the port 
to change during internet. like i type telnet to port 8080, but linux 
redirects it to port 18080 on machine B's network and on machine A's gateway 
i'd have to do a DNAT from 18080 to 8080. so i'd telnet to 8080 seemingly, the 
linux B redirects it to 18080 and it travels over the net to linux A to port 
18080 and then it is DNAT'ed to 8080 to machine B. but the redirection 
doesn't work. as i understood if i redirect on nat table's prerouting chain 
the packet then travels to the INPUT chain instead of the FORWARD chain.

marko. 



