Using route and iptables to proxy traffic
As part of an experiment at work, I wanted to intercept all traffic on port 80 that was headed to a certain IP address. To handle the traffic, I built a Python script using BaseHTTPServer based around this sample code and ran it on .202 - one of my CentOS 5.2 boxes.
Next step was to get the traffic to the right machine. As the browser was on a Vista box, I used the Windows command

    route ADD 82.94.164.162 192.168.0.202

Yes, that’s the python.org website. I often use that for testing as it is generally well behaved and doesn’t seem to do ‘special’ things.
Now I needed to tell the .202 box to not forward the traffic, but to deliver it locally. iptables to the rescue:

    sudo /sbin/iptables -t nat -A PREROUTING -p tcp -j REDIRECT
Didn’t even need to poke a hole in the iptables firewall as this seemed to do the job without.
iptables is BUCK!
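
A Python 3 listener of the kind described above, as an added example (not the author's script, which is not shown on the page): it records each request that REDIRECT delivers locally and asks netfilter, via SO_ORIGINAL_DST, which address the client originally dialled. The names InterceptHandler, original_dst, serve and demo are assumptions, and the request made in demo() is constructed.

```python
import http.client
import socket
import struct
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

SO_ORIGINAL_DST = 80  # Linux netfilter getsockopt option (linux/netfilter_ipv4.h)

def original_dst(sock):
    """(ip, port) the client dialled before REDIRECT, or None if unavailable."""
    try:
        raw = sock.getsockopt(socket.IPPROTO_IP, SO_ORIGINAL_DST, 16)
    except OSError:
        return None  # no conntrack entry for this socket, or not Linux
    port, packed_ip = struct.unpack_from("!2xH4s", raw)  # struct sockaddr_in
    return socket.inet_ntoa(packed_ip), port

class InterceptHandler(BaseHTTPRequestHandler):
    seen = []  # in-memory record of every intercepted request
    def do_GET(self):
        rec = {"client": self.client_address[0], "path": self.path,
               "host": self.headers.get("Host"),
               "original_dst": original_dst(self.connection)}
        self.seen.append(rec)
        body = ("intercepted %s%s\n" % (rec["host"], rec["path"])).encode()
        self.send_response(200)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, fmt, *args):
        pass  # keep stderr quiet; the records live in `seen`

def serve(bind="0.0.0.0", port=80):
    server = HTTPServer((bind, port), InterceptHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

def demo():
    """Constructed local request standing in for the redirected browser."""
    server = serve("127.0.0.1", 0)
    conn = http.client.HTTPConnection("127.0.0.1", server.server_port, timeout=5)
    conn.request("GET", "/about/", headers={"Host": "www.python.org"})
    reply = conn.getresponse().read()
    server.shutdown()
    server.server_close()
    return reply, InterceptHandler.seen[-1]

if __name__ == "__main__":
    print(demo())
```

On the .202 box, serve() needs root to bind port 80, because REDIRECT keeps the destination port. The rule on the page has no -d or --dport match, so it redirects every TCP connection reaching the box; adding `-d 82.94.164.162 --dport 80` limits it to the traffic described.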