我有一个基于 Linux 的路由器。我正在尝试创建一个 iptable 规则,以使用其 mac 地址重定向特定客户端的流量。这是我现在的规则(不起作用):
iptables -t nat -A prerouting_lan -m mac --mac-source $mac -i br-lan -p tcp --dport 80 -j DNAT --to $ipaddr
我做错了什么?任何建议我都会很感激。
电动汽车
答案1
尝试将 DNAT 字段中的“--to”更改为“--to-destination”。来自“man iptables”:
DNAT
This target is only valid in the nat table, in the PREROUTING and OUTPUT chains, and user-defined chains which are only called
from those chains. It specifies that the destination address of the packet should be modified (and all future packets in this
connection will also be mangled), and rules should cease being examined. It takes one type of option:
--to-destination [ipaddr][-ipaddr][:port[-port]]