Thanks. Still get a "line X failed" message after adding the below to rules.v4 (with ports filled in).
Code:
-A PREROUTING -i eth0 -p tcp -m tcp --dport X -j REDIRECT --to-ports Y
Adding current iptables rules is a no-go because it will add fail2ban rules into rules.v4, and I always forget to stop fail2ban prior to doing so. Also, it is not relevant anyway because adding current iptables rules will not add prerouting rules (iptables -S will not show prerouting rules either). I can only see prerouting rules with:
Code:
iptables -t nat -L -n -v
I am starting to think that the original syntax and @michaelk's suggestion are both correct, but that iptables prerouting rules need to be added somewhere besides rules.v4. Thoughts?
On another, somewhat separate note: will the below limit both UDP and TCP packets (basically, if -p tcp or -p UDP is not specified, will a rule default to applying to both TCP and UDP)?
Code:
iptables -A OUTPUT -m limit --limit 100/s -j ACCEPT
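
An added example, not part of the original post: PREROUTING and the REDIRECT target belong to the nat table, so in an iptables-restore file such as rules.v4 the rule only loads inside a `*nat` ... `COMMIT` section. Assuming the "line X failed" error comes from the rule sitting in the `*filter` section (the post does not say where it was pasted), this Python check flags such lines; `lint_rules`, the sample files and ports 8080/80 are constructed for illustration.

```python
import shlex

BUILTIN = {  # built-in chains of each table, per the iptables man page
    "filter": {"INPUT", "FORWARD", "OUTPUT"},
    "nat": {"PREROUTING", "INPUT", "OUTPUT", "POSTROUTING"},
    "mangle": {"PREROUTING", "INPUT", "FORWARD", "OUTPUT", "POSTROUTING"},
    "raw": {"PREROUTING", "OUTPUT"},
    "security": {"INPUT", "FORWARD", "OUTPUT"},
}
NAT_ONLY = {"REDIRECT", "DNAT", "SNAT", "MASQUERADE"}  # nat-table targets

def lint_rules(text):
    """Return (line_no, message) for rules placed in the wrong table section."""
    problems, table, chains = [], None, set()
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line.startswith("*"):            # "*nat" opens a table section
            table = line[1:]
            chains = set(BUILTIN.get(table, ()))
        elif line.startswith(":"):          # ":CHAIN POLICY [pkts:bytes]"
            chains.add(line[1:].split()[0])
        elif line == "COMMIT":              # closes the current section
            table = None
        elif line.startswith(("-A ", "-I ")):
            args = shlex.split(line)
            target = args[args.index("-j") + 1] if "-j" in args[:-1] else None
            if table is None:
                problems.append((n, "rule is outside any *table section"))
            elif args[1] not in chains:
                problems.append((n, f"chain {args[1]} does not exist in table {table}"))
            if target in NAT_ONLY and table not in (None, "nat"):
                problems.append((n, f"target {target} is only valid in the nat table"))
    return problems

# Constructed samples; ports 8080 and 80 stand in for the post's X and Y.
RULE = "-A PREROUTING -i eth0 -p tcp -m tcp --dport 8080 -j REDIRECT --to-ports 80"
BROKEN = f"""*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
{RULE}
-A OUTPUT -m limit --limit 100/s -j ACCEPT
COMMIT
"""
# Same rule moved into its own *nat section, ahead of the filter section.
FIXED = f"*nat\n:PREROUTING ACCEPT [0:0]\n{RULE}\nCOMMIT\n" + BROKEN.replace(RULE + "\n", "")

if __name__ == "__main__":
    print(lint_rules(BROKEN), lint_rules(FIXED))
```

The rate-limit rule from the post passes in both samples because OUTPUT is a built-in chain of the filter table; only the REDIRECT line depends on which section it sits in.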