Port translation

IKnowNot at comcast.net IKnowNot at comcast.net
Sun Jul 13 00:12:23 UTC 2008

Uno Engborg wrote:
> Rüdiger Pretzlaff skrev:
>> Am 12.07.2008 um 12:21 schrieb Uno Engborg:
>>> For various reasons I would like to  forward trafic to port 390 to 
>>> port 5432 on the same host. One would think this would be a
>>> simple task for iptables but I have now tinkered with this for two 
>>> days, and I still fail to get it right.
>>> I try something like:
>>> echo 1 > /proc/sys/net/ipv4/ip_forward
>>> iptables -t nat -A PREROUTING  -p tcp  --dport 390 -j REDIRECT 
>>> --to-ports 5432
>>> I have also tried :
>>> iptables -t nat -A PREROUTING  -p tcp --dport 390 -j DNAT --to 
>>> where is the address of the host
>>> Any ideas on how to do this?
>>> Regards
>>> Uno Engborg
>> Hi,
>> add:
>> iptables -A FORWARD  -p tcp --dport 390 -d -j ACCEPT 
> Thanks., but unfortunately that isn't enough to make it work.
> Is there any special kernel modules or /proc/sys/ipv4/*  settings I need 
> to do,
> or could the problem be that it is the same host?
> Regards
> Uno Engborg
I don't know how you are applying this so it is hard to say, but you do 
not need forwarding.

I would prefer to see you use --to-port ( for single port ) rather then 
using --to-ports

Have you seen this:

If that does not work, maybe include the output from

iptables -t nat --list


iptables -n --list --line-numbers

as there may be something else blocking the packets.

More information about the fedora-list mailing list