On 18 Mar 2002, Carl Parrish wrote:

> Okay despite the fact that iptables didn't show up when I did lsmod (I
> guess I forgot netfilter was part of the *kernal*). It looks like
> iptables does install on RH 7.2 So I thought well instead of rewritting
> all my ipchains right now maybe I can just add a iptable rule to my
> firewall script (if this is vastly wrong please let me know). So here is
> my attempt
> 
> iptables -A PREROUTING -t nat -p tcp -d $IPADDR --dport $WEB_PORT \
> 	-j DNAT --to-destination $WEBSERVER
> 

I don't know if the syntax makes as much of a difference here... 
but this is how it's written at: 
http://netfilter.samba.org/documentation/HOWTO/NAT-HOWTO-6.html

## Change destination addresses of web traffic to 5.6.7.8, port 8080.
# iptables -t nat -A PREROUTING -p tcp --dport 80 -i eth0 \
        -j DNAT --to 5.6.7.8:8080
They use --to instead of --to-destination and -t nat is before -A 
PREROUTING.
I haven't tried this particular nat setup but have a nat rule in my 
iptables script and put the -t nat first there... just following the 
examples.


> but when I try to run my script I get this
> 
> iptables v1.2.3: Unknown arg `--to'
> 
> my man page of iptables says that --to-destination is a valid arg
> though. So any thoughts??
> 
> Thanks in advance, 
> Carl P. 
> 
> 
> 
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.
> 
> PLUG-discuss mailing list  -  PLUG-discuss@lists.plug.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> 

-- 
Patrick Fleming, EA
Licensed to represent taxpayers
before Exam, Appeals, and Conference 
divisions of the IRS