Hi - this is my first post here so be gentle with me :-)
I was asked if it was possible to use IPTABLES to bounce an outbound request, let's say for google: 74.125.67.100, to a different local IP, say 192.168.1.1?
In the past I've been able to use 'redirect' on a multi-nic box to force all port 80 traffic to Squid on 8080, but this was indiscriminate. All port 80 traffic was sent through.
A quick look around has suggested DNAT to me, so I've tried:
iptables -t nat -A PREROUTING -p tcp -d 74.125.67.100 --dport 80 -j DNAT --to-destination 192.168.1.1:80
When this did not work I've added:
iptables -t nat -A POSTROUTING -j MASQUERADE
And ... sysctl net.ipv4.ip_forward = 0 so...
echo 1 > /proc/sys/net/ipv4/ip_forward
But no matter what, my humble little box always takes me to google when I call
http://74.125.67.100 (or curl 74.125.67.100).
I'm stumped. I'm not even entirely sure I can do this with IPTables on a single nic box when the request is coming from that box.
Am I missing something painfully obvious (like the wrong chain, or 'can't do that because...')?
Thanks to anyone who gets the time to respond.
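
Added example, not part of the original post: nat PREROUTING only sees packets arriving on an interface, while packets generated by a local process (such as curl on the same box) traverse nat OUTPUT instead. The sketch below picks the chain by packet origin and builds the DNAT rule with the addresses from the post; the function names and the APPLY switch are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# A nat rule only sees packets that traverse its chain:
#   PREROUTING - packets arriving on an interface (routed/forwarded traffic)
#   OUTPUT     - packets generated by a local process (curl on this box)

# nat_chain ORIGIN: print the nat chain that handles DNAT for that origin.
nat_chain() {
    case "$1" in
        local)     echo OUTPUT ;;
        forwarded) echo PREROUTING ;;
        *)         echo "unknown origin: $1" >&2; return 1 ;;
    esac
}

# dnat_args ORIGIN ORIG_IP PORT NEW_DEST: print the iptables arguments.
dnat_args() {
    chain=$(nat_chain "$1") || return 1
    echo "-t nat -A $chain -p tcp -d $2 --dport $3 -j DNAT --to-destination $4"
}

# apply_dnat ORIGIN ORIG_IP PORT NEW_DEST: install the rule (needs root),
# then list the chain with packet counters to confirm it is being hit.
apply_dnat() {
    args=$(dnat_args "$@") || return 1
    # Word splitting of $args is intentional: the values contain no spaces.
    iptables $args || return 1
    iptables -t nat -L "$(nat_chain "$1")" -n -v
}

# Addresses from the post. Dry run by default; APPLY=1 installs the rule.
if [ "${APPLY:-0}" = 1 ]; then
    apply_dnat local 74.125.67.100 80 192.168.1.1:80
else
    echo "iptables $(dnat_args local 74.125.67.100 80 192.168.1.1:80)"
fi
```

The net.ipv4.ip_forward setting governs packets forwarded between interfaces, so it does not affect whether a locally generated request matches the OUTPUT rule. After a test request, a non-zero packet counter on the rule in the `-L OUTPUT -n -v` listing confirms the rewrite is taking place.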