Hi all,
I need some help setting up iptables with NAT and port translation.
I need to redirect all traffic comming to 41.220.40.183:80 to 10.0.0.1:8080
The netfilter HOWTO says that its possible using the following rule, but it
isn''t working for me:
iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 80 -j DNAT --to
10.0.0.1:8080
When I setup NAT using the same port (port 80 to 80), it works perfectly.
The problem is when redirecting from port 80 to 8080
Note:
- 10.0.0.1 is a virtual machine created using Xen VMM
My actual configuration is:
# iptables -L -t nat -nv
Chain PREROUTING (policy ACCEPT 1659 packets, 143K bytes)
pkts bytes target prot opt in out source
destination
0 0 DNAT tcp -- eth0 * 0.0.0.0/0
0.0.0.0/0 tcp dpt:80 to:10.0.0.1:8080
Chain POSTROUTING (policy ACCEPT 28126 packets, 1747K bytes)
pkts bytes target prot opt in out source
destination
17560 1110K MASQUERADE all -- * eth0 0.0.0.0/0 0
.0.0.0/0
Chain OUTPUT (policy ACCEPT 45638 packets, 2854K bytes)
pkts bytes target prot opt in out source
destination
##### ##### ##### ##### #####
# iptables -L -nv
Chain INPUT (policy ACCEPT 3470K packets, 374M bytes)
pkts bytes target prot opt in out source
destination
Chain FORWARD (policy ACCEPT 3212 packets, 1440K bytes)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- * * 10.0.0.1
0.0.0.0/0 PHYSDEV match --physdev-in vif5.0
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 PHYSDEV match --physdev-in vif5.0 udp spt:68 dpt:67
0 0 ACCEPT all -- * * 10.0.0.2
0.0.0.0/0 PHYSDEV match --physdev-in vif6.0
0 0 ACCEPT udp -- * * 0.0.0.0/0
0.0.0.0/0 PHYSDEV match --physdev-in vif6.0 udp spt:68 dpt:67
Chain OUTPUT (policy ACCEPT 3465K packets, 353M bytes)
pkts bytes target prot opt in out source
destination
Thanks for any help...
--
AkiL Mussá
Software is like SEX, it is better when it is FREE (Linus Torvalds)
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users