On 06/14/2018 08:24 AM, Igor Sverkos wrote: > Hi, > > I have a firewall host which has multiple IP addresses, i.e. > > - 1.2.3.4 > - 1.2.3.5 > - 1.2.3.6 > > I have different applications listening on same port 80 on IP 1.2.3.4 > and 1.2.3.6. > > To access port 80 on these IPs, I have twp ACCEPT rules like > > ACCEPT(MyApp) net $FW:1.2.3.4 > ACCEPT(MyApp2) net $FW:1.2.3.6 > > *MyApp" or "MyApp2" is a simple macro containing just > >> PARAM - - tcp 80 > > I now need to open MyApp2 on port 3080 in addition to port 80. > However, I cannot tell the application to listen on both ports > (application can only bind to one port) so I want to use a REDIRECT > rule. But how do I do that? > > A simple > >> REDIRECT net $FW:1.2.3.6:80 tcp 3080 > > doesn't work (looks like I cannot specify an IP address in REDIRECT > rules but plain iptables should support that, not?). >
No -- iptables does not support changing the destination IP address as part of REDIRECT. -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
