
Using iptables to change a destination port


Is it possible to change the destination port of a UDP packet using iptables?

I'm trying to get an SNMP agent to send out traps on 1620 instead of 162. Unfortunately so far I've only managed to change the source port:

iptables -t nat -A POSTROUTING -p udp --dport 162 -j SNAT --to :1620


Solution

  • This usage is apparently not supported. Taken from http://www.netfilter.org/documentation/HOWTO/NAT-HOWTO.txt:

    6.3.7. Altering the Destination of Locally-Generated Connections

    The NAT code allows you to insert DNAT rules in the OUTPUT chain, but
    this is not fully supported in 2.4 (it can be, but it requires a new
    configuration option, some testing, and a fair bit of coding, so unless
    someone contracts Rusty to write it, I wouldn't expect it soon).

    The current limitation is that you can only change the destination to
    the local machine (e.g. `-j DNAT --to 127.0.0.1'), not to any other
    machine, otherwise the replies won't be translated correctly.
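The rule in the question rewrites the source of the packet because SNAT in POSTROUTING only ever touches the source address and port. The form the HOWTO describes as supported is a DNAT rule in the nat table's OUTPUT chain whose target stays on the local machine. The script below, an added example that is not part of the original question or answer, builds that rule for locally generated SNMP traps and refuses any target that is not a loopback address, which is the limitation the quoted text states. The function name, the DRY_RUN variable and the port numbers are assumptions for this example.

```shell
#!/bin/sh
# Added example (not from the original Q&A): emit or install the DNAT rule
# the NAT-HOWTO describes as supported for locally generated packets, i.e.
# changing the destination to the local machine. The function name, the
# DRY_RUN switch and the default ports are assumptions for this example.

# snmp_trap_dnat_rule ORIG_PORT NEW_PORT [TARGET_IP]
#   Rewrites locally generated UDP traffic to ORIG_PORT so it reaches
#   TARGET_IP:NEW_PORT. TARGET_IP defaults to 127.0.0.1 and must be a
#   loopback address: the HOWTO states that replies to any other host
#   would not be translated correctly, so non-local targets are refused.
#   With DRY_RUN=1 the iptables command is printed instead of executed.
snmp_trap_dnat_rule() {
    orig_port="${1:-162}"
    new_port="${2:-1620}"
    target="${3:-127.0.0.1}"

    case "$target" in
        127.*) ;;
        *)
            printf 'refusing non-local target %s: DNAT in OUTPUT only works to the local machine\n' "$target" >&2
            return 1
            ;;
    esac

    # OUTPUT chain of the nat table is where packets generated by this host
    # pass through DNAT; POSTROUTING with SNAT would only change the source.
    rule="-t nat OUTPUT -p udp --dport ${orig_port} -j DNAT --to-destination ${target}:${new_port}"

    if [ "${DRY_RUN:-0}" = "1" ]; then
        printf 'iptables %s\n' "$rule" | sed 's/ OUTPUT / -A OUTPUT /'
        return 0
    fi

    # Real run: needs root and a kernel with nat support. Check with -C first
    # so repeated invocations do not append duplicate rules.
    if iptables -t nat -C OUTPUT -p udp --dport "$orig_port" -j DNAT --to-destination "${target}:${new_port}" 2>/dev/null; then
        return 0
    fi
    # shellcheck disable=SC2086
    iptables -t nat -A OUTPUT -p udp --dport "$orig_port" -j DNAT --to-destination "${target}:${new_port}"
}
```

Run `DRY_RUN=1 sh script.sh` style invocations while developing, then drop DRY_RUN to install the rule as root. The constructed command line is `iptables -t nat -A OUTPUT -p udp --dport 162 -j DNAT --to-destination 127.0.0.1:1620`, which is exactly the shape the HOWTO permits: the destination is rewritten, but only to the local machine.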