redirect 127.0.0.1:25 -> 127.0.0.1:2000
altitude at funkware.com
Sat May 19 00:46:04 CEST 2007
ARGH. Sorry about my premature previous post...lemme try this again...
In looking through the mail archive, i see this thread,
which answered my question.
I verified that the kernel had IP_NF_NAT_LOCAL set to y, and i see that
I was missing the "iptables -t nat -A OUTUPT" line. Everything works
Alex Tang wrote:
> Hi folks.
> I'm using a nat PREROUTING rule to forward all connections from port
> 25 to port 2000. This works fine for all addresses except for localhost.
> the rule i'm using is: "-A PREROUTING -p tcp -m tcp --dport 25 -j
> REDIRECT --to-ports 2000" (CentOS4, kernel 2.6.9-55, iptables-1.2.11)
> For example, on my machine: foobar.example.com
> If i telnet from any machine other than foobar.example.com to
> foobar.example.com:25, the connection is redirected properly to
> However, if i telnet from foobar.example.com to localhost:25, i get a
> connection refused.
> Telnetting to from foobar.example.com to localhost:2000 works fine (as
> Telnetting from foobar.example.com to foobar.example.com:25 also does
> not work.
> I know that you can't do prerouting from localhost -> some.other.host
> (or vice versa), but i thought localhost->localhost would work.
> Am i screwing up the rule? Should I add another rule? Or am i just SOL.
More information about the netfilter