[Openvds-devel] iptables


From: Simon Garner
Subject: [Openvds-devel] iptables
Date: Mon, 10 Dec 2001 13:37:15 +1300

Hi,

(I sent this message a couple of weeks ago to the freeVSD list, but got no
response so I'm resending.)

Running under linux 2.4, redirecting HTTP using iptables works well except
that I'm finding the redirection only works when connecting from other hosts
on the network, not from the server itself.

Example, on the host server (or in a vs, makes no difference):

    $ lynx http://vsone/
    Cannot connect to server

    $ lynx http://vsone:8080/
    Works fine

But opening http://vsone/ on port 80 works fine from other hosts on the
network/Internet.

Are there any netfilter gurus here who can suggest some additional iptables
rules to make this work?

The rules generated by freeVSD look like this (from my
/etc/sysconfig/iptables):

    [0:0] -A PREROUTING -d 192.168.0.150 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.150:8080
    [0:0] -A PREROUTING -d 192.168.0.150 -p udp -m udp --dport 80 -j DNAT --to-destination 192.168.0.150:8080
    [0:0] -A PREROUTING -d 192.168.0.150 -p tcp -m tcp --dport 443 -j DNAT --to-destination 192.168.0.150:8443
    [0:0] -A PREROUTING -d 192.168.0.150 -p udp -m udp --dport 443 -j DNAT --to-destination 192.168.0.150:8443

PS: are those udp rules really necessary?

Cheers,

Simon Garner
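
Locally generated packets traverse the nat table's OUTPUT chain rather than PREROUTING, so rules that exist only in PREROUTING do not apply to connections made on the server itself. The script below is an added example, not part of the original message or of freeVSD: its hypothetical `mirror_to_output` function reads rules in iptables-save form and prints the matching OUTPUT commands, assuming the kernel supports DNAT for locally generated connections.

```sh
#!/bin/sh
# Added example, not part of the original message or of freeVSD.

# Constructed sample input: the four rules quoted in the message, unwrapped.
SAMPLE_RULES='[0:0] -A PREROUTING -d 192.168.0.150 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.150:8080
[0:0] -A PREROUTING -d 192.168.0.150 -p udp -m udp --dport 80 -j DNAT --to-destination 192.168.0.150:8080
[0:0] -A PREROUTING -d 192.168.0.150 -p tcp -m tcp --dport 443 -j DNAT --to-destination 192.168.0.150:8443
[0:0] -A PREROUTING -d 192.168.0.150 -p udp -m udp --dport 443 -j DNAT --to-destination 192.168.0.150:8443'

# mirror_to_output (hypothetical helper): reads nat-table rules in iptables-save
# form on stdin and prints one "iptables -t nat -A OUTPUT ..." command for each
# PREROUTING DNAT rule that has no identical OUTPUT rule in the input.
mirror_to_output() {
    awk '
    # Drop the [packets:bytes] counters that iptables-save prefixes to rules.
    { sub(/^\[[0-9]+:[0-9]+\][ \t]*/, "") }
    # Remember OUTPUT rules that already exist so they are not emitted twice.
    /^-A OUTPUT / { have[$0] = 1; next }
    /^-A PREROUTING / && / -j DNAT / {
        # OUTPUT cannot match on an input interface, so such rules are
        # reported on stderr and left for manual review.
        if ($0 ~ / -i /) { print "skipped (uses -i): " $0 > "/dev/stderr"; next }
        rule = $0
        sub(/^-A PREROUTING /, "-A OUTPUT ", rule)
        want[++n] = rule
    }
    END {
        for (i = 1; i <= n; i++)
            if (!(want[i] in have)) print "iptables -t nat " want[i]
    }'
}

# Print the commands for the sample rules; review before running them as root.
printf '%s\n' "$SAMPLE_RULES" | mirror_to_output
```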
