On Wednesday 23 March 2005 11:06, martin f krafft wrote: > I want to rewrite source and destination sockets of locally > generated packets. Specifically, packets with the following pair > > 1.2.3.4:12345 -> 8.7.6.5:80 > > should be rewritten as > > 127.0.0.1:12345 -> 127.0.0.1:3128 > > Is it possible to achieve this with iptables? I can do the > destination rewriting just fine (using REDIRECT in the OUTPUT > chain), but to rewrite the source, I need to use SNAT (I think), > which is only valid in POSTROUTING, and by that point in time it's > too late.
try to fwmark the packages when REDIRECTing and use the mark on POSTROUTING to SNAT too. Just off the top of my head. Regards, David -- - hallo... wie gehts heute? - *hust* gut *rotz* *keuch* - gott sei dank kommunizieren wir Ãber ein septisches medium ;) -- Matthias Leeb, Uni f. angewandte Kunst, 2005-02-15
