On Tue, 12 Apr 2005, Jon Newman wrote:
> Using DNAT, via this command, still nets the same result:
> iptables -t nat -A PREROUTING -p tcp -s x.x.x.x/32 --dport 80 -j DNAT --to
> 216.90.3.137:8080
As I said it is equivalent. REDIRECT only saves you from entering the IP
(automatic).
> Any other ideas? I can't believe this is so difficult, this should be
> simple and straight foreward...there must be something stupid I am
> missing...PLEASE, anyone willing to point out my idiocy?
Never ever had netfilter NAT fail on me.
But if your intercepting router is running in "lollipop" mode (just one
interface, next hop router on same interface as client station) then you
may need disabling ICMP redirects.
Regards
Henrik
Received on Tue Apr 12 2005 - 17:18:03 MDT
This archive was generated by hypermail pre-2.1.9 : Sun May 01 2005 - 12:00:03 MDT