On Wed, 2013-08-28 at 21:49 +0200, Miguel González wrote: > Dear all, > > I´m testing a server and try to simulate a server in production. We > have a SSL certificate and I have configured the test server with the > same servername as it is in production. To access it, I change the hosts > file in my laptop to reach the test server. > > However, the Java application running in the server tries to access > some local web content. I have changed the hosts file and some > applications (ping, wget) they get the local IP address. However > nslookup and maybe our Java application (I didn´t have the programmer > available to debug it) are getting the production server IP. > > So, how can I redirect for instance 443 traffic to a specific IP to > the local IP address of the local server? I have tried this: > > iptables -t nat -A PREROUTING -d XXX.XXX.XXX.XXX -p tcp --dport 80 > -j DNAT --to YYY.YYY.YYY.YYY > > XXX.XXX.XXX.XXX - IP of production server > > YYY.YYY.YYY.YYY - local IP of the test server > > Thanks > > Miguel You have the prerouting but you have to forward it as well. This allows a connection on the Internet to make a connection to a internal machine on my local network. Router machine's local network ip 10.0.0.1 on eth1. 10.0.0.5 internal machine. iptables -A FORWARD -p tcp -i ppp0 -o eth1 -d 10.0.0.5 --dport 1234 -j ACCEPT iptables -t nat -A PREROUTING -p tcp -i ppp0 --dport 1234 -j DNAT --to-destination 10.0.0.5:1234 ip and ports changed to protect the guilty :) Gary.