Score:0

iptables DNAT change not showing up in Wireshark

QF0

I want to re-route all incoming traffic on interface ens4f0 to IP address 192.168.50.10, but Wireshark is showing that the destination IP address on incoming packets is unchanged. Is this the expected behaviour? I thought PREROUTING got in before anything else?

My iptables command is:

# iptables -t nat -A PREROUTING -i ens4f0 -j DNAT --to 192.168.50.10
# iptables -t nat -vL
Chain PREROUTING (policy ACCEPT 24618 packets, 1923K bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DNAT       all  --  ens4f0 any     anywhere             anywhere             to:192.168.50.8
    0     0 DNAT       all  --  ens4f0 any     anywhere             anywhere             to:192.168.50.10
    0     0 DNAT       all  --  ens4f0 any     anywhere             anywhere             to:192.168.50.10

I know that incoming packets are from 192.168.50.8, so I've also tried:

# iptables -t nat -A PREROUTING -i ens4f0 -j DNAT -s 192.168.50.8/32 --to 192.168.50.10
# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
DNAT       all  --  anywhere             anywhere             to:192.168.50.8
DNAT       all  --  anywhere             anywhere             to:192.168.50.10
DNAT       all  --  anywhere             anywhere             to:192.168.50.10
DNAT       all  --  192.168.50.8         anywhere             to:192.168.50.10
Score:1

Wireshark captures incoming packets before they are processed by the firewall (and outbound packets after they are processed by the firewall), so you cannot see changes made by the firewall to inbound packets in this packet capture. Try capturing on the outbound interface to see the modified packets.

QF0
Thanks. I suppose it would be pretty useless if it caught incoming packets after the firewall.
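
Since an ingress capture cannot show the rewrite, the rule counters are the other place to look. The following is an added example, not part of the original posts: it parses the `iptables -t nat -vL` listing from the question and reports rules whose packet counter is zero and rules that sit behind an earlier DNAT rule with the same or a broader match. The function names are hypothetical, and the shadowing test compares only the columns shown in the listing.

```python
import re

# `iptables -t nat -vL` output as posted in the question.
LISTING = """\
Chain PREROUTING (policy ACCEPT 24618 packets, 1923K bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DNAT       all  --  ens4f0 any     anywhere             anywhere             to:192.168.50.8
    0     0 DNAT       all  --  ens4f0 any     anywhere             anywhere             to:192.168.50.10
    0     0 DNAT       all  --  ens4f0 any     anywhere             anywhere             to:192.168.50.10
"""

COLS = ("pkts", "bytes", "target", "prot", "opt", "in", "out", "src", "dst")
WILDCARD = {"all", "any", "anywhere", "0.0.0.0/0"}
MATCH_FIELDS = ("prot", "in", "out", "src", "dst")

def parse_rules(listing):
    """Return one dict per rule row; chain and column header lines are skipped."""
    rules = []
    for line in listing.splitlines():
        parts = line.split(None, len(COLS))
        if len(parts) < len(COLS) or not re.fullmatch(r"\d+[KMG]?", parts[0]):
            continue
        rule = dict(zip(COLS, parts))
        rule["extra"] = parts[len(COLS)].strip() if len(parts) > len(COLS) else ""
        rules.append(rule)
    return rules

def covers(earlier, later):
    """True if every packet matching `later` also matches `earlier` (listed columns only)."""
    # An earlier rule with extra match options (e.g. a port) is not treated as a full cover.
    unconditional = re.fullmatch(r"to:\S+", earlier["extra"]) is not None
    return unconditional and all(
        earlier[f] in WILDCARD or earlier[f] == later[f] for f in MATCH_FIELDS)

def audit(rules):
    """Return (rule_number, finding) pairs for zero counters and shadowed rules."""
    findings = []
    for i, rule in enumerate(rules, 1):
        if rule["pkts"] == "0":
            findings.append((i, "no packets matched"))
        for j, earlier in enumerate(rules[:i - 1], 1):
            # DNAT is a terminating target: the first matching rule wins.
            if earlier["target"] == "DNAT" and covers(earlier, rule):
                findings.append((i, f"shadowed by rule {j}"))
                break
    return findings

if __name__ == "__main__":
    for number, finding in audit(parse_rules(LISTING)):
        print(f"rule {number}: {finding}")
```

The nat table is consulted only for the first packet of each connection, so these counters reflect new connections rather than every packet seen on the interface.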