Iptables redirect AFTER INPUT/FORWARD chain processing
Hi All
I have a webserver listening on port 79, and showing the splash page, no matter what the request. When I put this in my nat table:

    iptables -t nat -A PREROUTING -i eth0 -p tcp -j REDIRECT --to-port 79

I get the desired effect. Only problem is that I don't know till much later for which hosts I need this. I have a fairly complex firewall that processes *a lot* of rules in its INPUT and FORWARD chains. What I need to do is to redirect all the packets that INPUT and FORWARD would have dropped to that port, for the permanent splash page.

My questions:

1) Is there a way?
2) Should I maybe tag/mangle the packets that would have been dropped and then redirect at POSTROUTING? (Very tedious)
3) Can I redirect directly from INPUT/FORWARD?
4) Can I send the packet back to PREROUTING from INPUT/FORWARD?

Would much appreciate any info you have! Thanks