iptables redirect

Jeff Sadowski · #1 30th August 2005, 06:03 PM

Ok I'm not sure what im looking for. I thought I knew iptables well enough but I need a little help.

what I want to do:
When a computer 172.16.0.100 through 172.16.0.150 requests to connect to port 80 on machine 172.16.0.200(my linux box) it redirects that to port 80 on 172.16.0.250. My gateway is 172.16.0.1

I tried the following on 172.16.0.200 but it doesn't work as I expected
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT -d 172.16.0.250 --to-port 80
echo 1 >/proc/sys/net/ipv4/ip_forward

Has anyone done anything similar?

Jeff Sadowski · #2 30th August 2005, 06:12 PM

this should be very simmilar to a transparent proxy server with the exceptions that it is on a different machine than the original request and that this machine is not the gateway

Jeff Sadowski · #3 30th August 2005, 06:17 PM

heres a relevant transparent proxy snip

Configuring a transparent proxy
Traffic interception
Intercept and/or redirect the traffic to the chosen port. Having the proxy on the same machine as the interceptor is preferable. The code example uses iptables as the redirection mechanism, and port 8080 as the proxy's http_port.
To a different machine
iptables -t nat -A PREROUTING -i $INTERFACE -p tcp --dport 80 -j DNAT --to 10.0.3.1:8080

Jeff Sadowski · #4 30th August 2005, 06:22 PM

I tried on 172.16.0.200
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 172.16.0.250:80

but then when I try "lynx -dump -source http://172.16.0.200" on 172.16.0.100 lynx stalls

so this isn't quite it