[Firehol-support] Port forwarding using dnat and traffic from localhost

Silvio Bierman sbierman at jambo-software.com
Wed Jun 4 01:18:43 BST 2014


Hello all,

I use firehol to forward all HTTP(S) traffic from ports 80/443 to 
8080/8443 on the same machine. I use config lines like

dnat to xxx.xxx.xxx.xxx:8080 proto tcp dport 80
dnat to xxx.xxx.xxx.xxx:8443 proto tcp dport 443

to achieve this, where xxx.xxx.xxx.xxx is the IP address of the box 
itself. This means that firehol is running on the same host as the 
webserver.

Now my problem is that when the webserver does an HTTP request to itself 
(for example by following a URL relative to that of an incoming request) 
the request targets port 80 but does not get forwarded to 8080 because 
it comes from the local machine. This forces me to do extra URL 
manipulation to explicitly target port 8080.

How can I get around this and have all traffic forwarded?

Thanks in advance,

Silvio



