* [Bridge] NAT on a bridge
@ 2004-04-29 15:36 Torsten Luettgert
  2004-04-30  1:13 ` [Bridge] " Jason Lunz
  0 siblings, 1 reply; 2+ messages in thread
From: Torsten Luettgert @ 2004-04-29 15:36 UTC
  To: bridge

Hello all,

I can't get "invisible" NAT on a bridge to work.
What I wanted to do is redirecting HTTP requests to
another machine (or the same machine, that'd be
good enough, too).

I set up a bridge. It worked fine just bridging.
Then I added the following iptables rule:

iptables -t nat -A PREROUTING -m physdev --physdev-in eth0 -p tcp \
	--dport 80 -j DNAT --to (new address)

This resulted in the frames just disappearing in the bridge.
So, I thought, perhaps there's some problem with the address, what
with the bridge not knowing where it is and so on (both interfaces
are 0.0.0.0), perhaps I'll just try

iptables -t nat -A PREROUTING -m physdev --physdev-in eth0 -p tcp \
	--dport 80 -j REDIRECT --to-ports 80

so everything should just go to my local machine, that's good enough.
The effect was the same, the SYN frame just disappears.

I tried this with linux 2.4.25 with the bridging patches and with
2.6.5. Same effect.

If I configure the machine as a router, it works perfectly.

What am I doing wrong?

-Torsten



* [Bridge] Re: NAT on a bridge
  2004-04-29 15:36 [Bridge] NAT on a bridge Torsten Luettgert
@ 2004-04-30  1:13 ` Jason Lunz
  0 siblings, 0 replies; 2+ messages in thread
From: Jason Lunz @ 2004-04-30  1:13 UTC
  To: bridge

t.luettgert@pressestimmen.de said:
> I can't get "invisible" NAT on a bridge to work.  What I wanted to do
> is redirecting HTTP requests to another machine (or the same machine,
> that'd be good enough, too).

I'm trying to get something like this to work too, but haven't come to
any firm conclusion.

All I've been able to determine so far is that the DNAT won't work
unless there's an IP on the bridge. Have you been seeing warnings in
dmesg about turning on ip_forwarding?

Jason

