--- Andy <ag1234(a)carmen.se> wrote:
Jari Marikainen wrote:
> I would like to forward incoming traffic from internet to
> "<195.198.111.x> port 80" to "<some other ip on the
> in FC3 on the same interface.
I would try the DNAT/SNAT iptables targets, along the lines of:
iptables -t nat -A PREROUTING -p tcp --dport 80 -d 195.198.111.x \
-j DNAT --to-destination 18.104.22.168
iptables -t nat -A POSTROUTING -p tcp --dport 80 -d 22.214.171.124 \
-j SNAT --to-source <your external IP address on this machine>
The second line makes the real server send it's replies through the
path (otherwise it will reply directly to the client)
You have to enable/allow forwarding for everything to work.
Are you sure? If I read the original note correctly, he wants to have
his machine see an incoming packet on one interface, and then forward
it to another address on the SAME interface. And he specifically said
that he wants to catch traffic coming FROM the internet and forward it
TO a different address, also on the internet.
That's not port-forwarding, that's redirection, and it is best handled
by setting up Apache to recognize the incoming connection, and then
setting a REDIRECT which sends a message back to the client to tell it
to go look somewhere else.
Unless he has a multi-homed system with more than one interface on the
internet, I'm not sure that forwarding/routing will work.
Am I wrong?
Do you Yahoo!?
All your favorites on one personal page � Try My Yahoo!