[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[suse-security] iptables: DNAT from port x to port y
my linux router is supposed to forward https requests to the http port
on my webserver.
Is this possible with iptables?
I thought that these lines should do (there is more in my iptables
script, but I think this is the interesting part):
$IPTABLES -t nat -A PREROUTING -i eth0 -p tcp -d $routerip --dport 443
-j DNAT --to-destination $webserverip:80
$IPTABLES -A FORWARD -i eth0 -o eth1 -p tcp -d $webserverip --dport 80
$IPTABLES -A INPUT -i eth0 -p tcp -d $routerip --dport 443 -j ACCEPT
But apparently, clients still get forwarded to https, and as there is no
https, they run into a timeout.
Am I missing something or is this not possible?
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here