iptables rule on a Linux-based router to direct all traffic from a specific MAC

I have a Linux-based router. I am trying to create an iptables rule to redirect the traffic of a specific client using its MAC address. This is my current rule (it is not working):

iptables -t nat -A prerouting_lan -m mac --mac-source $mac -i br-lan -p tcp --dport 80 -j DNAT --to $ipaddr 

What am I doing wrong? Any suggestions would be appreciated.

EV

Try changing "--to" in the DNAT field to "--to-destination". From "man iptables":

  DNAT This target is only valid in the nat table, in the PREROUTING and OUTPUT chains, and user-defined chains which are only called from those chains. It specifies that the destination address of the packet should be modified (and all future packets in this connection will also be mangled), and rules should cease being examined. It takes one type of option: --to-destination [ipaddr][-ipaddr][:port[-port]]
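An added example, not part of the original question or answer: a POSIX shell helper that validates the two variables from the question's rule before printing the rule with the long option name the man page documents. The function names, and the restriction to a single IPv4 address with an optional port, are assumptions of this example.

```shell
#!/bin/sh
# Added example: validate the question's $mac and $ipaddr values, then print
# the DNAT rule using the long option name quoted from the man page.
CHAIN=prerouting_lan   # user-defined chain named in the question
LAN_IF=br-lan          # LAN bridge interface named in the question
NL='
'

# matches VALUE REGEX: true if VALUE is a single line matching REGEX.
matches() {
    case $1 in *"$NL"*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq "$2"
}

# Six colon-separated hex octets, the form --mac-source expects.
valid_mac() {
    matches "$1" '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# One dotted-quad IPv4 address with an optional :port (assumed subset of
# the [ipaddr][-ipaddr][:port[-port]] syntax).
valid_dest() {
    matches "$1" '^([0-9]{1,3}\.){3}[0-9]{1,3}(:[0-9]{1,5})?$' || return 1
    addr=${1%%:*}
    case $1 in *:*) [ "${1#*:}" -le 65535 ] || return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Print the rule, or fail without output if either value is unusable
# (for example an unset variable, which would expand to nothing).
dnat_rule() {
    valid_mac "$1" || { echo "bad MAC address: '$1'" >&2; return 1; }
    valid_dest "$2" || { echo "bad destination: '$2'" >&2; return 1; }
    echo "iptables -t nat -A $CHAIN -m mac --mac-source $1 -i $LAN_IF" \
         "-p tcp --dport 80 -j DNAT --to-destination $2"
}

# Usage: sh dnat_rule.sh aa:bb:cc:dd:ee:ff 192.168.1.10
if [ "$#" -eq 2 ]; then
    dnat_rule "$1" "$2"
fi
```

After the rule is added, the packet counters shown by `iptables -t nat -L prerouting_lan -v -n` indicate whether it is being matched.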