[lug] iptables redirection

David L. Anselmi anselmi at anselmi.us
Wed Jan 10 18:53:00 MST 2007


Sean Reifschneider wrote:
> On Sun, Jan 07, 2007 at 11:11:17AM -0700, George Sexton wrote:
>> This is the problem. It's bypassing the NAT chain.
> 
> You mean NAT table?  My guess was that it was bypassing the PREROUTING
> chain.  I'm not sure that there's a way to force locally generated packets
> to go through that.  Probably the solution would be to put a proxy like
> rinetd or Apache mod_proxy to proxy 80 to 8080.  You can leave the NAT in
> there since it is working for public packets (and would therefore leave the
> remote IP unchanged for log-files), but the forward would pick up local
> packets.

Can you also put the redirect rules in the INCOMING and OUTGOING chains 
for local traffic?

Dave



More information about the LUG mailing list