wild iptable issues - Printable Version
+- Linux-Noob Forums (https://www.linux-noob.com/forums)
+-- Forum: Linux Server Administration (https://www.linux-noob.com/forums/forum-8.html)
+--- Forum: Security and Firewalls (https://www.linux-noob.com/forums/forum-87.html)
+--- Thread: wild iptable issues (/thread-951.html)
wild iptable issues - papermate - 2008-05-10

Hey all, this being my first post please go easy on me:

I have the following problem, I want to route all requests to port 80 to port 8171 and 443 to 8143 (both internally from within my box and externally from other computers). The following is the configuration information on the iptables status:

Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination

Chain FORWARD (policy ACCEPT)
num target prot opt source destination

Chain OUTPUT (policy ACCEPT)
num target prot opt source destination

Table: nat
Chain PREROUTING (policy ACCEPT)
num target prot opt source destination
1 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 8171
2 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 redir ports 8143

Chain POSTROUTING (policy ACCEPT)
num target prot opt source destination

Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
1 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 8171
2 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 redir ports 8143

Here is my configuration:

# Generated by iptables-save v1.3.5 on Thu May 8 18:29:01 2008
*nat
:PREROUTING ACCEPT [22:3658]
:POSTROUTING ACCEPT [64:4788]
:OUTPUT ACCEPT [57:4368]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8171
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8143
-A OUTPUT -o lo -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8171
-A OUTPUT -o lo -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8143
COMMIT
# Completed on Thu May 8 18:29:01 2008
# Generated by iptables-save v1.3.5 on Thu May 8 18:29:01 2008
*filter
:INPUT ACCEPT [21858:11609795]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [22001:18526588]
COMMIT
# Completed on Thu May 8 18:29:01 2008

Now the configuration for port 80 works fine and routes to 8171 when accessed from the box itself or from an outside computer. When I access 443 from an outside computer it correctly forwards to 8143. But when I try and access 443 from the box itself, it doesn't seem to route. What is wrong with my config???
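
An added example, not part of the original post: a small parser for iptables-save output that lists, per destination port, the nat REDIRECT rule on each path (PREROUTING for traffic from other hosts, nat OUTPUT for locally generated traffic) and flags a port covered on only one of them. It assumes single-port `--dport` matches; the function names `parse_redirects` and `gaps` are hypothetical.

```python
import shlex
from collections import defaultdict

# nat table copied from the iptables-save dump in the post above.
SAMPLE = """\
*nat
:PREROUTING ACCEPT [22:3658]
:POSTROUTING ACCEPT [64:4788]
:OUTPUT ACCEPT [57:4368]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8171
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8143
-A OUTPUT -o lo -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8171
-A OUTPUT -o lo -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8143
COMMIT
"""

# PREROUTING sees packets arriving from other hosts; locally generated
# packets skip it and traverse the nat OUTPUT chain instead.
PATHS = ("PREROUTING", "OUTPUT")


def parse_redirects(dump):
    """Return {dport: {chain: (to_port, out_iface)}} for nat REDIRECT rules."""
    table, rules = None, defaultdict(dict)
    for line in dump.splitlines():
        line = line.strip()
        if line.startswith("*"):
            table = line[1:]                      # "*nat", "*filter", ...
        elif table == "nat" and line.startswith("-A "):
            tok = shlex.split(line)
            opt = {k: v for k, v in zip(tok, tok[1:]) if k.startswith("-")}
            if opt.get("-j") == "REDIRECT" and "--dport" in opt and "--to-ports" in opt:
                # First matching rule in a chain wins, so keep the first one seen.
                rules[int(opt["--dport"])].setdefault(
                    opt["-A"], (int(opt["--to-ports"]), opt.get("-o")))
    return dict(rules)


def gaps(dump):
    """Return {dport: [chains with no REDIRECT for that port]}."""
    found = parse_redirects(dump)
    missing = {p: [c for c in PATHS if c not in ch] for p, ch in found.items()}
    return {p: m for p, m in missing.items() if m}


if __name__ == "__main__":
    for port, chains in sorted(parse_redirects(SAMPLE).items()):
        for chain in PATHS:
            to_port, iface = chains.get(chain, (None, None))
            print(f"dport {port:>3} {chain:<10} -> {to_port} (out-iface: {iface or 'any'})")
    print("uncovered paths:", gaps(SAMPLE) or "none")
```

To check a live ruleset, replace `SAMPLE` with the output of `iptables-save -t nat`.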