<Lots of snippage>

From nat:
-A PREROUTING -s $CLIENT_IP -p tcp -m tcp --dport 80 -j DNAT --to-destination 127.0.0.1:80

But the kernel sees the traffic as "martian" and discards it:
Dec  1 15:09:45 xxxxxxxx last message repeated 9 times
Dec 1 15:11:37 xxxxxxxx kernel: martian destination 127.0.0.1 from 172.16.110.139, dev br0
Dec  1 15:11:46 xxxxxxxx last message repeated 2 times


The above part is what really matters... you can't with a source address of 127.0.0.1 to any other host.

If you're so inclined, the source code making this check is apparently in route.c

Give br0 an IP address, and redirect to that address. (eth1 and eth2 as part of a bridge don't get ips)

-Jeff
SIG: HUP
_______________________________________________
LARTC mailing list
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
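
A check for the misconfiguration discussed in the message above, as an added example that is not part of the original post: it flags PREROUTING DNAT rules in iptables-save syntax that target 127.0.0.0/8 and extracts the matching "martian destination" kernel log lines. The function names, the sample rule set and the br0 address 192.0.2.10 are constructed for illustration; only IPv4 targets are handled.

```python
import ipaddress
import re
import shlex

LOOPBACK = ipaddress.ip_network("127.0.0.0/8")
MARTIAN_RE = re.compile(
    r"kernel: martian destination (?P<dst>[\d.]+) from (?P<src>[\d.]+), dev (?P<dev>\S+)")

def _is_loopback(text):
    """True if text parses as an IPv4 address inside 127.0.0.0/8."""
    try:
        return ipaddress.ip_address(text) in LOOPBACK
    except ValueError:
        return False

def loopback_dnat_rules(ruleset):
    """Return PREROUTING DNAT rules whose --to-destination is a loopback address."""
    flagged = []
    for line in ruleset.splitlines():
        tokens = shlex.split(line, comments=True)
        if tokens[:2] != ["-A", "PREROUTING"] or "DNAT" not in tokens:
            continue
        if "--to-destination" not in tokens[:-1]:
            continue
        target = tokens[tokens.index("--to-destination") + 1]
        host = target.split(":")[0].split("-")[0]  # drop port and range end
        if _is_loopback(host):
            flagged.append(line.strip())
    return flagged

def loopback_martians(log):
    """Return (source, destination, device) for martian drops aimed at loopback."""
    return [(m["src"], m["dst"], m["dev"])
            for m in map(MARTIAN_RE.search, log.splitlines())
            if m and _is_loopback(m["dst"])]

# Constructed sample: the rule from the post, then the same rule pointed at
# an address assigned to br0 (192.0.2.10 is a placeholder).
SAMPLE_RULES = """*nat
-A PREROUTING -s $CLIENT_IP -p tcp -m tcp --dport 80 -j DNAT --to-destination 127.0.0.1:80
-A PREROUTING -s $CLIENT_IP -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.0.2.10:80
COMMIT
"""
SAMPLE_LOG = """Dec  1 15:11:37 xxxxxxxx kernel: martian destination 127.0.0.1 from 172.16.110.139, dev br0
Dec  1 15:11:46 xxxxxxxx last message repeated 2 times
"""

if __name__ == "__main__":
    for rule in loopback_dnat_rules(SAMPLE_RULES):
        print("DNAT to loopback:", rule)
    for src, dst, dev in loopback_martians(SAMPLE_LOG):
        print(f"martian drop: {src} -> {dst} on {dev}")
```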