iptables question
Luke Davis
ldavis at shellworld.net
Sun Jul 4 02:53:23 EDT 2004
On Sat, 3 Jul 2004, Gregory Nowak wrote:
> In a nutshell, I've now got:
>
> iptables -t nat -A OUTPUT -p tcp -o eth0 --dport 25 -j DNAT
Note that in the first version of this, you had a dollar sign before
"eth0".
Not sure whether that was intentional.
> - --to-destination aaa.bbb.ccc.ddd
Why is there a space-delimited hyphen in the middle of the command, before
"--to-destination"? That was there on the first version of this as well,
and while I haven't looked up "--to-destination", nothing in FSF would
lead me to the conclusion that this serves some useful purpose.
As for why telnet is showing the address you are telnetting to, not the
redirect address: that is the essence of hijacking intended
destinations--the person making the connection is given no idea that it
is being done, by use of IP addresses. Telnet doesn't know it's happening,
and therefore shows the address it expects to be reaching.
Luke
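
Added example, not part of the original message: the client only ever sees the address it asked for, but the kernel's connection tracking table records both the original tuple and the reply tuple, so a rewritten destination can be found by comparing them. The sketch assumes the line format printed by `conntrack -L` (conntrack-tools); the function names and the sample lines are constructed for illustration.

```sh
#!/bin/sh
# Added example: report tracked connections whose destination was rewritten
# by a DNAT rule. Each conntrack line carries two tuples: the original one
# (what the client asked for) and the reply one (who actually answers).

# find_dnat: read conntrack-format lines on stdin and print
#   <proto> <requested dst>:<port> -> <actual dst>:<port>
# for every entry where the two differ.
find_dnat() {
    awk '
    {
        ndst = 0; ndport = 0; nsrc = 0; nsport = 0
        odst = ""; odport = ""; rsrc = ""; rsport = ""
        for (i = 1; i <= NF; i++) {
            split($i, kv, "=")
            # first dst=/dport= belong to the original tuple
            if (kv[1] == "dst"   && ++ndst   == 1) odst   = kv[2]
            if (kv[1] == "dport" && ++ndport == 1) odport = kv[2]
            # second src=/sport= belong to the reply tuple
            if (kv[1] == "src"   && ++nsrc   == 2) rsrc   = kv[2]
            if (kv[1] == "sport" && ++nsport == 2) rsport = kv[2]
        }
        if (odst != "" && rsrc != "" && (odst != rsrc || odport != rsport))
            printf "%s %s:%s -> %s:%s\n", $1, odst, odport, rsrc, rsport
    }'
}

# Constructed sample input (documentation address ranges): the first entry
# is an outbound port 25 connection redirected by DNAT, the second is an
# untouched SSH connection.
sample_conntrack() {
    cat <<'EOF'
tcp      6 431999 ESTABLISHED src=192.0.2.10 dst=198.51.100.25 sport=40312 dport=25 src=203.0.113.7 dst=192.0.2.10 sport=25 dport=40312 [ASSURED] mark=0 use=1
tcp      6 431990 ESTABLISHED src=192.0.2.10 dst=198.51.100.30 sport=51544 dport=22 src=198.51.100.30 dst=192.0.2.10 sport=22 dport=51544 [ASSURED] mark=0 use=1
EOF
}

sample_conntrack | find_dnat
```

On a live system the same function can be fed from `conntrack -L` run as root instead of the sample lines.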