I'm porting one of my FreeBSD programs to Debian. I wanted to
know if I can have an iptables rule (or use any other service) which
works exactly like the "ipfw forward" command in FreeBSD.
"ipfw forward" just changes the dst-port of the packet, and other parameters
like "src-ip", "src-port" and "dst-ip" of the packet stay the same. For
example, if I define this rule:
ipfw add 100 fwd 127.0.0.1,1234 tcp from any to any dst-port 80 in
Now if I have a TCP server listening on port 1234, I can discover
the original ip/port of both source and destination of any HTTP request
which passes through my box and generate a valid response to it (just
the dst-port is changed to 1234, which I know was originally 80).
But in Linux with iptables, it seems I just have iptables nat rules, which change the "dst-ip" of the packet as well:
iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 1234
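
An added example, not part of the original post: on Linux, a server behind the REDIRECT rule above can ask conntrack for the pre-NAT destination of an accepted connection with the SO_ORIGINAL_DST socket option, while the peer address still carries the client's real source IP and port. It assumes IPv4 and a listener on port 1234; the function names are illustrative.

```python
import socket
import struct

SO_ORIGINAL_DST = 80  # from <linux/netfilter_ipv4.h>; not exported by the socket module


def parse_sockaddr_in(raw):
    """Decode a struct sockaddr_in (as returned by the kernel) into (ip, port)."""
    if len(raw) < 8:
        raise ValueError("short sockaddr_in")
    (family,) = struct.unpack_from("=H", raw, 0)     # sin_family: host byte order
    port, addr = struct.unpack_from("!H4s", raw, 2)  # sin_port, sin_addr: network order
    if family != socket.AF_INET:
        raise ValueError("not an IPv4 address")
    return socket.inet_ntoa(addr), port


def original_dst(conn):
    """Return ((ip, port), from_conntrack) for an accepted TCP socket.

    Falls back to the socket's local address when the kernel has no
    conntrack entry for the connection (getsockopt fails).
    """
    try:
        raw = conn.getsockopt(socket.SOL_IP, SO_ORIGINAL_DST, 16)
    except OSError:
        return conn.getsockname()[:2], False
    return parse_sockaddr_in(raw), True


def serve(port=1234):  # 1234 matches --to-ports in the rule above
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        srv.bind(("0.0.0.0", port))
        srv.listen()
        while True:
            conn, peer = srv.accept()
            with conn:
                dst, tracked = original_dst(conn)
                # peer is the client's real src-ip/src-port; REDIRECT rewrites only the destination
                print(f"src={peer[0]}:{peer[1]} orig_dst={dst[0]}:{dst[1]} conntrack={tracked}")


if __name__ == "__main__":
    serve()
```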