How to redirect ports for on a virtual interface?
There are two IPs associated with one physical network interface eth0 and eth0:0.
The following works fine for the first interface:
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
Howerver the same doesn't work for the second interface:
iptables -A PREROUTING -t nat -i eth0:0 -p tcp --dport 80 -j REDIRECT --to-port 8080
Also tried:
iptables -A PREROUTING -t nat -p tcp --dport 80 -d $THE_IP -j REDIRECT --to-port 8080
So the question is how to do redirecting on a virtual interface.
You don't. Alias interfaces are a notational convention that don't actually exist at the deep layers of the kernel where iptables roams. Use an IP address (your third example command is broken and will have produced an error message which should have clued you in) and all will be well.
Your third command is missing something : the enabling of multiport
Add -m multiport
at the begining so it will be ok.
+ it is suposed to be --dports
and --to-ports
(plural form) even if you specify only a single port
Note that I had a similar problem + I already had an application using port 80 (apache2) that I had to kill before being able to use the redirection