Hi,

I have two systems on LAN 192.168.0.54 and 192.168.0.64.

I want to redirect request coming on port 80 of 192.168.0.54 to port 80 of 192.168.0.64,so can any one suggest me the correct rule.Is the rule given below correct?

#iptables -t nat -A PREROUTING -s 192.168.0.0/24 -p tcp -d 192.168.0.54 --dport 80 -j DNAT --to-destination 192.168.0.64

If its wrong, can any one suggest the correct rule?

I think your proposed rule is maybe more restrictive than you want, because it restricts this redirection to connections that originate on 192.168.0.54. Perhaps a better choice would be Depending on the other rules in your firewall configuration, you will probably need the following The first of these additional rules allows the first reply packet from your web server back through the firewall, and the second rule takes care of any further communication on that connection. If your firewall machine is itself

In addition, if your intention is to re-route external HTTP requests to an internal server, you will need some sort of DNAT rule to masquerade the private network address (192.168.0.x) that will appear as the source in any reply packets.

Hi thanks,

I did the same thing which you have mentioned but i am not getting redirected to the correct website ..it not getting corrected... i have transparent proxy on my gateway...


Prayag

As I understand it, a proxy server can accomplish the redirection on its own that you are trying to achieve with iptables rules. Is there some reason that you do not want to configure the proxy server to do the redirection of HTTP traffic directly to your other box?

It seems likely that this proxy server is getting in the way of the iptables rules. This is a case of my not knowing enough about your system to provide you with a useful answer. Next time, I will ask more questions about everything that is running on the firewall machine.