Whenever I add or remove a DNAT rule such as:

iptables -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.168.0.1

there is sometimes a delay before the correct nat'ing is done. Can anyone tell me why this is? Is it something to do with caching of routing tables? If so, is there a way to clear them to ensure that the rule takes effect immediately?

I am building a simple captive portal solution for my network. By default people are directed to the local web server as per the rule above, and once logged in they are allowed access to the web. When logging in the user is directed to their choice of webpage, but this is often not displayed and instead the connection is routed once again to the local web server as above. Even deleting the DNAT rule altogether seems to sometimes take a while to update.

Andy

Andrew Beverley wrote:
>Whenever I add or remove a DNAT rule such as:
>
>iptables -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.168.0.1
>
>there is sometimes a delay before the correct nat'ing is done. Can anyone tell
>me why this is? Is it something to do with caching of routing tables? If so, is
>there a way to clear them to ensure that the rule takes effect immediately?
>
>I am building a simple captive portal solution for my network. By default people
>are directed to the local web server as per the rule above, and once logged in
>they are allowed access to the web. When logging in the user is directed to
>their choice of webpage, but this is often not displayed and instead the
>connection is routed once again to the local web server as above. Even deleting
>the DNAT rule altogether seems to sometimes take a while to update.
>
>Andy

You can try to disable KeepAlive from your Apache server.
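
Added example, not part of the original thread: the nat table is consulted only for the first packet of a connection, and later packets follow the mapping that connection tracking stored, so a kept-alive browser connection keeps reaching the portal after the rules change. The sketch below exempts a logged-in client and deletes its tracked port-80 flows; the function names, `PORTAL_RUN`, the per-client ACCEPT rule and the client address are assumptions, and commands are only printed unless `PORTAL_RUN=1`.

```shell
#!/bin/sh
# Added example. release_client, valid_ipv4, run and PORTAL_RUN are hypothetical
# names; 192.168.0.57 is a constructed client address.

# Accept only a plain dotted-quad IPv4 address. The value normally arrives from
# the portal's login handler, so it is checked before it reaches a command line.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots into $1..$4
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ????*|0?*) return 1 ;; esac   # too long or leading zero
        [ "$octet" -le 255 ] || return 1
    done
}

# Print the command by default; execute it only when PORTAL_RUN=1 (needs root).
run() {
    if [ "${PORTAL_RUN:-0}" = 1 ]; then "$@"; else echo "$*"; fi
}

release_client() {
    client=$1
    valid_ipv4 "$client" || { echo "invalid client address" >&2; return 1; }
    # Assumed portal design: a per-client ACCEPT inserted ahead of the DNAT rule
    # ends nat-table traversal, so new connections from it are not redirected.
    run iptables -t nat -I PREROUTING -s "$client" -p tcp --dport 80 -j ACCEPT
    # Connections opened before the change keep their stored DNAT mapping
    # (a kept-alive HTTP connection can last a long time). Delete those entries
    # so that no old mapping is reused. The exit status is ignored because the
    # client may have no tracked flows left.
    run conntrack -D -s "$client" -p tcp --dport 80 || true
}

release_client 192.168.0.57
```

Setting `KeepAlive Off` on the portal's Apache server, as the reply suggests, addresses the same cause from the server side: each request then opens a new connection, which is matched against the current rules.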