Re: [Xen-devel] iptables nat redirect

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

> I'm trying to do a nat redirect (traffic redirected from a router, not 
> originally for the machine).  I can see the network traffic, but the 
> iptable rules do not appear to do anything.  Is this possible on a 
> virtual domain, and if not what needs to be done?

This should work okay from domain 0. Domain 0 is allowed to send any
packet to the physical network. Also, packets that match no other rule
are forwarded to domain 0.

iptables -L -v 

and 

iptables -tnat -L -v

may help --- they tell you how many packets have matched each iptables
rule. You might therefore be able to work out whether packets are
reaching domain 0 and, if so, where they are getting misdirected.

 -- Keir