On 29.Aug.2013, at 02:55, Markus Falb wrote: > > On 28.Aug.2013, at 21:49, Miguel González wrote: > >> So, how can I redirect for instance 443 traffic to a specific IP to >> the local IP address of the local server? I have tried this: >> >> iptables -t nat -A PREROUTING -d XXX.XXX.XXX.XXX -p tcp --dport 80 >> -j DNAT --to YYY.YYY.YYY.YYY > > I think you has to do POSTROUTING hmm, locally generated messages do not pass the PREROUTING AFAIK this was why I was suggesting POSTROUTING, but... POSTROUTING is wrong too according to the manpage for iptables DNAT: This target is only valid in the nat table, in the PREROUTING and OUTPUT chains, and user-defined chains which are only called from those chains. If I read it correct, this rule should go into the OUTPUT chain. -- Markus