Newbie iptables loopback dns

mpapet · 09-02-2013, 03:50 PM

I have a Zoom branded firewall running Zoom's linux firmware. I'm in the router and have a shell. The directions I've found for forcing a loopback dns lookup don't work with the device.

For example: http://www.smallbusinesstech.net/mor...cks-on-openwrt

This does not work.

Code:

iptables -t nat -A prerouting_rule -d 100.100.100.100 -p tcp --dport 80 -j DNAT --to 192.168.0.2
iptables -A forwarding_rule -p tcp --dport 80 -d 192.168.0.2 -j ACCEPT
iptables -t nat -A postrouting_rule -s 192.168.0.0/24 -p tcp --dport 80 -d 192.168.0.2 -j MASQUERADE

It returns "iptables: No chain/target/match by that name"

Code:

iptables -t mangle -L PREROUTING

This shows a PREROUTING rule, which is where I think I need to be.

I'm stuck as to what the incantation to port the loopback code to the mangle/PREROUTING would look like.

Any help is appreciated.

acid_kewpie · 09-03-2013, 02:51 AM

why are you asking about DNS when you're posting rules about TCP/80 i.e. http?

"prerouting_rule" would refer to a user defined table, and you'd need to create it first if it doesn't already exist. And once it exists, you'd need to chain onto it from a conventionally processed table, i.e. "PREROUTING". OR you just put it directly in "PREROUTING". Within the context of OpenWRT, i've no idea if this should or should not already exist.

mpapet · 09-03-2013, 05:41 PM

Quote:

Originally Posted by acid_kewpie

why are you asking about DNS when you're posting rules about TCP/80 i.e. http?

So computers inside the LAN making a request to a domain ON PORT 80 I host resolves to the local server.

Why does yogurt night have to be so difficult?!!?