Problem with DNAT from localhost to LAN via loopback

Charles Delorme charles.delorme at suricat.net
Thu Apr 14 22:01:14 CEST 2005


>----- Original Message ----- 
>From: "Jason Opperisano" <opie at 817west.com>
>Sent: Thursday, April 14, 2005 7:18 PM
> On Thu, Apr 14, 2005 at 05:28:39PM +0200, Charles Delorme wrote:
> > Hello list...
> > [..]
> your kernel needs to be compiled with:
>
>   CONFIG_IP_NF_NAT_LOCAL
>
> in order to DNAT locally-generated packets.
>

Thank you for that tip. Are there any side effects for this compilation
directive ?

> IIRC you then put the DNAT rule in the nat table OUTPUT chain to modify
> the destination of local packets.

I'm not sure to understand what kind of rule I need to add in the OUTPUT
chain. Should I copy the kind of rule I have in the PREROUTING table ?

Thanks.







More information about the netfilter mailing list