Linux-Noob Forums

Full Version: wild iptable issues
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Hey all, this being my first post please go easy on me:

 

I have the following problem, I want to route all requests to port 80 to port 8171 and 443 to 8143 (both internally from within my box and externally from other computers). The following is the configuration information on the iptables status:

 

Table: filter

Chain INPUT (policy ACCEPT)

num target prot opt source destination

 

Chain FORWARD (policy ACCEPT)

num target prot opt source destination

 

Chain OUTPUT (policy ACCEPT)

num target prot opt source destination

 

Table: nat

Chain PREROUTING (policy ACCEPT)

num target prot opt source destination

1 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 8171

2 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 redir ports 8143

 

Chain POSTROUTING (policy ACCEPT)

num target prot opt source destination

 

Chain OUTPUT (policy ACCEPT)

num target prot opt source destination

1 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 8171

2 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 redir ports 8143

 

 

 

Here is my configuration:

 

 

# Generated by iptables-save v1.3.5 on Thu May 8 18:29:01 2008

*nat

:PREROUTING ACCEPT [22:3658]

:POSTROUTING ACCEPT [64:4788]

:OUTPUT ACCEPT [57:4368]

-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8171

-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8143

-A OUTPUT -o lo -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8171

-A OUTPUT -o lo -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8143

COMMIT

# Completed on Thu May 8 18:29:01 2008

# Generated by iptables-save v1.3.5 on Thu May 8 18:29:01 2008

*filter

:INPUT ACCEPT [21858:11609795]

:FORWARD ACCEPT [0:0]

:OUTPUT ACCEPT [22001:18526588]

COMMIT

# Completed on Thu May 8 18:29:01 2008

 

 

Now the configuration for port 80 works fine and routs to 8171 when accessed from the box itself or from an outside computer. When I access 443 from an outside computer it correctly forwards to 8143. But when I try and access 443 from the box itself, it doesn't seem to route. What is wrong with my config???