LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 10-04-2009, 12:42 PM   #1
clunk
LQ Newbie
 
Registered: Sep 2009
Posts: 5

Rep: Reputation: 0
IPTABLES bounce outbound IP back to localhost


Hi - this is my first post here so be gentle with me :-)

I was asked if it was possible to use IPTABLES to bounce an outbound request, let's say for google: 74.125.67.100, to a different local IP, say 192.168.1.1?

In the past I've been able to use 'redirect' on a multi-nic box to force all port 80 traffic to Squid on 8080, but this was indiscriminate. All port 80 traffic was sent through.

A quick look around has suggested DNAT to me, so I've tried:

iptables -t nat -A PREROUTING -p tcp -d 74.125.67.100 --dport 80 -j DNAT --to-destination 192.168.1.1:80

When this did not work I've added:
iptables -t nat -A POSTROUTING -j MASQUERADE

And ... sysctl net.ipv4.ip_forward = 0 so...
echo 1 > /proc/sys/net/ipv4/ip_forward

But no matter what, my humble little box always takes me to google when I call http://74.125.67.100 (or curl 74.125.67.100).

I'm stumped. I'm not even entirely sure I can do this with IPTables on a single nic box when the request is coming from that box.

Am I missing something painfully obvious (like wrong chain, or 'can't do that because..)

Thanks to anyone who gets the time to respond.
 
Old 10-04-2009, 01:26 PM   #2
Berhanie
Senior Member
 
Registered: Dec 2003
Location: phnom penh
Distribution: Fedora
Posts: 1,625

Rep: Reputation: 165Reputation: 165
To alter the destination of packets originating from the local machine, you need to put the rule in the OUTPUT chain:

Code:
iptables -t nat -A OUTPUT -p tcp -d 74.125.67.100 --dport 80 -j DNAT --to-destination 192.168.1.1:80
You can also use a REDIRECT target on the OUTPUT chain.
 
Old 10-05-2009, 02:19 AM   #3
clunk
LQ Newbie
 
Registered: Sep 2009
Posts: 5

Original Poster
Rep: Reputation: 0
Thanks! I had a feeling about the output chain. That's just what the doctor ordered and works perfectly! Thank you so much.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Need to stop bounce back emails with exim. matt1982 Linux - Server 2 01-10-2010 02:45 PM
Spoofing IDs not getting bounce back message rasalp Linux - Server 2 05-12-2009 02:20 AM
qmail bounce back mails deepakatiabhi Linux - Newbie 1 12-13-2007 04:08 PM
Netgear DG834: allow outbound connections back in hamish Linux - Networking 1 04-24-2007 05:11 PM
Bounce back email with a message? tauras911 Linux - Newbie 3 02-10-2005 03:44 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 01:45 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration