On Thursday 04 July 2002 21:01, Antony Stone wrote: > On Thursday 04 July 2002 7:59 pm, Jan Humme wrote: > > On Thursday 04 July 2002 20:51, Antony Stone wrote: > > > On Thursday 04 July 2002 7:48 pm, Jan Humme wrote: > > > > On Thursday 04 July 2002 20:20, Antony Stone wrote: > > > > > # Redirect http requests to local proxy > > > > > iptables -A PREROUTING -t nat -p tcp --dport 80 -j DNAT > > > > > 127.0.0.1:80 > > > > > > > > Antony, just for my understanding: is this any different from: > > > > > > > > iptables -A PREROUTING -t nat -p tcp --dport 80 -j REDIRECT ? > > > > > > No. I just find the name 'redirect' a bit ambiguous (I mean, it could > > > redirect it somewhere else, couldn't it, but no, it only redirects it > > > to the local machine...) therefore I use DNAT which I'm familiar with > > > from other uses. > > > > OK, and agree. > > > > But I am somewhat surprised to find such redundant syntax at this level. > > I could have written it as > > iptables -A PREROUTING -t nat -p tcp --dport 80 -j DNAT 127.0.0.1 > > if you prefer :-)
I was in fact refering to the redundant design of the iptables syntax, and not to your beautiful piece of nat-art, Anthony ;-) ! Jan Humme.
