I have trouble setting up the correct iptables rule to change the destination of a forwarded packet after PREROUTING. I have a rule to redirect all incoming port 80 traffic to my local port 3128:
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to 3128
On port 3128, I'm running a transparent proxy that does some analysis on the traffic, then sends it to its actual location.
However, I want traffic to 10.0.0.25:80 to be treated differently. I want it to go through the proxy on port 3128, but then have the destination changed to port 80 on my machine (10.0.0.1:80). I have tried the following, but it doesn't work, as the client device gets a message that says no service could be found at 10.0.0.25:
iptables -t nat -A OUTPUT -d 10.0.0.25 -j REDIRECT --to 80
All help is appreciated.
I just figured out what's wrong: since 10.0.0.25 is on the same network as my client devices, it's only natural that no device would ever try to reach it via the gateway (10.0.0.1). Rather, they tried to reach it directly. Since 10.0.0.25 is just an address I made up (which was helping me with another routing issue), I changed it to an address on a different network and all was fine.
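As an added example (not code from the original question or answer): a small script that builds the two rules discussed above and bakes in the fix from the answer, refusing to install them if the specially handled destination sits on the clients' own subnet, since in that case the clients reach it directly and the gateway's PREROUTING chain never sees the packets. It assumes clients in 10.0.0.0/24, the gateway at 10.0.0.1, the proxy on 3128, and uses 10.1.0.25 as the made-up off-subnet address; all of these are assumptions, not values from the post.

```shell
#!/bin/sh
# Added example, not the original poster's code. Builds the PREROUTING and OUTPUT
# REDIRECT rules described in the question, with the answer's lesson enforced:
# the special destination must be OFF the clients' subnet, otherwise the clients
# ARP for it directly and the gateway never gets a chance to intercept.
#
# Assumptions (not from the post): clients are 10.0.0.0/24, the gateway is
# 10.0.0.1, the proxy listens on 3128, and 10.1.0.25 is the made-up off-subnet
# address whose traffic should land on this machine's own port 80.

IPT="${IPT:-iptables}"
DRY_RUN="${DRY_RUN:-1}"                     # default: print the commands, do not apply
CLIENT_PREFIX="${CLIENT_PREFIX:-10.0.0}"    # the clients' /24, as its first three octets
PROXY_PORT="${PROXY_PORT:-3128}"
SPECIAL_DST="${SPECIAL_DST:-10.1.0.25}"

# Run one iptables invocation, or print it in dry-run mode.
run() {
    if [ "$DRY_RUN" = "1" ]; then
        printf '%s %s\n' "$IPT" "$*"
    else
        "$IPT" "$@"
    fi
}

# Returns 0 if the address is outside the clients' /24 (so clients send it to
# the gateway), 1 if it is on-link and would bypass the gateway entirely.
off_link() {
    case "$1" in
        "$CLIENT_PREFIX".*) return 1 ;;
        *) return 0 ;;
    esac
}

apply_rules() {
    if ! off_link "$SPECIAL_DST"; then
        echo "refusing: $SPECIAL_DST is inside $CLIENT_PREFIX.0/24, the gateway would never see that traffic" >&2
        return 1
    fi
    # Clients' traffic to any port 80 arrives via PREROUTING; REDIRECT there
    # rewrites the destination to the address of the ingress interface, so the
    # transparent proxy receives it on 10.0.0.1:3128.
    run -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports "$PROXY_PORT"
    # The proxy's onward connection to SPECIAL_DST:80 is locally generated, so it
    # traverses OUTPUT, not PREROUTING. REDIRECT there maps the destination to
    # 127.0.0.1, i.e. the service on this machine's port 80.
    run -t nat -A OUTPUT -p tcp -d "$SPECIAL_DST" --dport 80 -j REDIRECT --to-ports 80
}

apply_rules
```

Run it as-is to see the commands it would issue, or as root with DRY_RUN=0 to apply them. --to-ports is the full name of the REDIRECT option that --to abbreviates in the question. One caveat for the OUTPUT rule: REDIRECT on locally generated packets rewrites the destination to 127.0.0.1, so the service on port 80 has to listen on loopback (or on all addresses), not only on 10.0.0.1.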