Redirect incoming packets to loopback

dwurf asked:

I’m trying to use iptables to redirect an incoming packet on eth0 to a service listening on the loopback interface. Based on this link I’m attempting to craft the following rule:

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT -o lo --to-port 80

but I’m getting the errror shown below:

Can't use -o with PREROUTING

The man page explains why this can’t work:

   (REDIRECT) redirects the packet to the machine itself by changing the
   destination IP  to  the  primary  address  of  the  incoming  interface

How can I take incoming packets and feed them to the loopback interface?

My answer:


Why did you add -o lo? That’s not necessary, doesn’t work, and isn’t even in the tutorial you linked to. Just remove it.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.