Taylor, Grant gtaylor at
Sat Apr 23 00:30:43 CEST 2005

> REDIRECT is a special case of DNAT, where the dst IP is rewritten to the
> IP address of the interface the packet is received on (optionally
> re-writing the dst port as well).

So is there really any functional difference if you are wanting to redirect the traffic to the interface that it did come in?  In other words do you know of any kernel differences (number of cycles to execute?) in REDIRECT vs. DNAT?

> i used DNAT in my response, as it wasn't clear from the OP what local IP
> the translated packets needed to be sent to.

*nod*  I had to read the post more than one time too.

Grant. . . .

More information about the netfilter mailing list