[wplug] IP forwarding with iptables--ARGH!
Eric C. Cooper
ecc at cmu.edu
Wed Feb 11 18:03:32 EST 2004
On Wed, Feb 11, 2004 at 05:25:29PM -0500, Tim Lesher wrote:
> It appears that you *just* *can't* port-forward a packet sent from a
> local connection, because the kernel doesn't look at the nat table for
> locally-generated packets, and you can't mangle the packet from the
> filter table.
It might work if you enable this kernel option:
config IP_NF_NAT_LOCAL
    bool "NAT of local connections (READ HELP)"
    depends on IP_NF_NAT
    help
      This option enables support for NAT of locally originated
      connections.
      Enable this if you need to use destination NAT on connections
      originating from local processes on the nat box itself.
--
Eric C. Cooper e c c @ c m u . e d u