On 07/04/2014 01:31 AM, Mark jensen wrote:
I'm using centos 6.5 Linux distro
You do understand That you enforce the rules of a nat on a PREROUTING
table and not on an OUTPUT one...
Take a look at the example in the man pages:
http://ipset.netfilter.org/iptables-extensions.man.html
iptables -t nat -A PREROUTING -p tcp --dport 80 -m cpu --cpu 0 -j
REDIRECT --to-port 8080
iptables -t nat -A PREROUTING -p tcp --dport 80 -m cpu --cpu 1 -j
REDIRECT --to-port 8081
You cannot use a DNAT from the OUTPUT table which is a local table that
is not related to traffic that comes outside of the machine.
All The Bests,
Eliezer
