2008-05-10, 05:10 AM

Hey all, this being my first post, please go easy on me:
I have the following problem: I want to route all requests to port 80 to port 8171 and 443 to 8143 (both internally from within my box and externally from other computers). The following is the configuration information from the iptables status:
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
Table: nat
Chain PREROUTING (policy ACCEPT)
num target prot opt source destination
1 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 8171
2 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 redir ports 8143
Chain POSTROUTING (policy ACCEPT)
num target prot opt source destination
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
1 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 8171
2 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 redir ports 8143
Here is my configuration:
# Generated by iptables-save v1.3.5 on Thu May 8 18:29:01 2008
*nat
:PREROUTING ACCEPT [22:3658]
:POSTROUTING ACCEPT [64:4788]
:OUTPUT ACCEPT [57:4368]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8171
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8143
-A OUTPUT -o lo -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8171
-A OUTPUT -o lo -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8143
COMMIT
# Completed on Thu May 8 18:29:01 2008
# Generated by iptables-save v1.3.5 on Thu May 8 18:29:01 2008
*filter
:INPUT ACCEPT [21858:11609795]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [22001:18526588]
COMMIT
# Completed on Thu May 8 18:29:01 2008
Now the configuration for port 80 works fine and routes to 8171 when accessed from the box itself or from an outside computer. When I access 443 from an outside computer, it correctly forwards to 8143. But when I try to access 443 from the box itself, it doesn't seem to route. What is wrong with my config?
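An added example, not part of the original post: a Python check that parses the nat rules from the dump above and reports, per destination port, whether a REDIRECT exists on the external path (PREROUTING) and on the local path (OUTPUT). The function names `parse_redirects`, `coverage` and `uncovered` are made up for this example.

```python
import shlex

# nat rules from the iptables-save dump in the post (chain policy lines omitted).
DUMP = """\
*nat
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8171
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8143
-A OUTPUT -o lo -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8171
-A OUTPUT -o lo -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8143
COMMIT
"""

# PREROUTING sees packets arriving from other hosts; locally generated
# packets skip it and traverse the nat OUTPUT chain instead.
PATHS = {"PREROUTING": "external", "OUTPUT": "local"}

def parse_redirects(dump):
    """Return the nat-table REDIRECT rules as dicts (negated matches are not handled)."""
    table, rules = None, []
    for line in dump.splitlines():
        line = line.strip()
        if line.startswith("*"):
            table = line[1:]  # table header, e.g. "*nat"
        elif table == "nat" and line.startswith("-A "):
            tok = shlex.split(line)
            # Pair each option with the token that follows it.
            opts = {k: v for k, v in zip(tok[2:], tok[3:]) if k.startswith("-")}
            if opts.get("-j") == "REDIRECT":
                rules.append({"chain": tok[1], "dport": opts.get("--dport"),
                              "to": opts.get("--to-ports"),
                              "iface": opts.get("-i") or opts.get("-o") or "any"})
    return rules

def coverage(rules):
    """Map dport -> {path: (to_port, iface)} for the external and local paths."""
    cov = {}
    for r in rules:
        if r["chain"] in PATHS:
            cov.setdefault(r["dport"], {})[PATHS[r["chain"]]] = (r["to"], r["iface"])
    return cov

def uncovered(cov):
    """List (dport, path) pairs that have no REDIRECT rule."""
    return [(p, path) for p in sorted(cov, key=int)
            for path in PATHS.values() if path not in cov[p]]

if __name__ == "__main__":
    cov = coverage(parse_redirects(DUMP))
    print(cov, "missing:", uncovered(cov) or "none")
```

For the dump in the post it reports no missing path: port 443 has the same PREROUTING and OUTPUT coverage as port 80, with both OUTPUT rules scoped to `-o lo`.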