[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

[LUG] Re: iptables redirect

To: list@xxxxxxxxxxxx
Subject: [LUG] Re: iptables redirect
From: Alex Charrett <alex@xxxxxxxxxxxx>
Date: Wed, 01 Jun 2005 21:24:05 +0100

On Wed, 2005-06-01 at 14:02 +0100, Alex Charrett wrote:

I'm getting some weird iptables behaviour - anyone got any ideas?

Some iptables snippits from a server I'm looking at...

iptables -A INPUT -i eth1 -s $WORKSTATION -d $THIS_SERVER -p tcp 
--dport 2000 -j ACCEPT
iptables -t nat -A PREROUTING -i eth1 -s $WORKSTATION -p tcp --dport 
2000 -j REDIRECT --to-port 3000


Ah, turns out I was the master of my own destruction.  In this case the
IP address in $THIS_SERVER was an aliased interface (eth1:1) as opposed
to the primary interface, hence when the redirect happened it was
redirected to the primary interface and then rejected as I wasn't
allowing that.  Doh!  The DROP/REJECT thing was a complete red
herring. :)

Alex.


--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe. FAQ: www.dcglug.org.uk/linux_adm/list-faq.html

References:
- [LUG] iptables redirect
  - From: Alex Charrett

Prev by Date: [LUG] just for info
Next by Date: [LUG] Linux promition and educating about the problems with Windows.
Previous by thread: [LUG] iptables redirect
Next by thread: [LUG] Remote X
Index(es):
- Date
- Thread