10 Dec
2003
10 Dec
'03
13:29
On Wed, Dec 10, 2003 at 01:35:18PM +0100, BLeonhardt@analytek.de wrote:
HI all,
I'm not sure about the PREROUTING chain ..
if I say :
iptables -t nat -A PREROUTING -i eth1 -o eth0 -p tcp --dport 80 -j DNAT --to-destination 172.16.15.12:8080
is the real source address present or the source address from the router ?
iptables always checks for the real source address of the packet, not some address of a router which may be in between the source and the firewall. -- Erik Hensema (erik@hensema.net)