On Tue, Feb 08, 2011 at 12:36:44PM -0600, Carlos S wrote:
I am forwarding traffic on port 8080 to port 80 with the following rule.

# iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 8080 -j REDIRECT --to-port 80
# iptables-save

However, I am unable to add it directly in /etc/sysconfig/iptables. I think it is used only for filter table and not nat table. So where do nat table rules go? Any help?
cs.

Here's how I have it set up on a box where I'm doing something similar, but for ssh:

# Generated by iptables-save v1.3.5 on Fri Sep 17 10:39:51 2010
*nat
:PREROUTING ACCEPT [38:3177]
:POSTROUTING ACCEPT [77:6468]
:OUTPUT ACCEPT [77:6468]
-A PREROUTING -s <ADDRESS> -p tcp -m tcp --dport 22 -j REDIRECT --to-ports 4022
COMMIT
# Completed on Fri Sep 17 10:39:51 2010
# Generated by iptables-save v1.3.5 on Fri Sep 17 10:39:51 2010
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [660935177:1131719310086]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
(Normal iptables config continues)

Also, once you add the rule with the iptables command, have you tried iptables-save? That should give you a dump of all the rules that are in effect.

Joe
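
A check for the file layout discussed in this thread, added here as an example and not part of either poster's message: it parses iptables-save format text (the format of /etc/sysconfig/iptables) and flags nat-only targets such as REDIRECT that sit outside a *nat section, as well as sections not closed by COMMIT. The function name `lint` and both sample rule sets are constructed for illustration.

```python
import re
# Targets that iptables accepts only in the nat table.
NAT_ONLY_TARGETS = {"REDIRECT", "DNAT", "SNAT", "MASQUERADE"}
# Constructed sample: the 8080 -> 80 redirect placed under *filter by mistake.
MISPLACED = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp --dport 8080 -j REDIRECT --to-port 80
COMMIT
"""

# Constructed sample: the same rule in its own *nat section ahead of *filter.
CORRECT = """\
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp --dport 8080 -j REDIRECT --to-port 80
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
"""

def lint(text):
    """Return (line_number, message) problems found in iptables-save text."""
    problems, table, n = [], None, 0
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # blank lines and comments
        if line.startswith("*"):          # "*nat", "*filter": a table section opens
            if table is not None:
                problems.append((n, f"*{table} not closed by COMMIT"))
            table = line[1:]
        elif line == "COMMIT":            # closes the current table section
            table = None
        elif table is None:
            problems.append((n, "line is outside any *table section"))
        else:
            m = re.search(r"\s-j\s+(\S+)", line)
            if m and m.group(1) in NAT_ONLY_TARGETS and table != "nat":
                problems.append((n, f"{m.group(1)} target in *{table}, needs *nat"))
    if table is not None:
        problems.append((n, f"*{table} not closed by COMMIT"))
    return problems
```

Running `lint` over the contents of /etc/sysconfig/iptables before restarting the iptables service shows whether a hand-edited rule landed in the wrong section.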