IPTables IP forwarding with virtual interface on Linux
Posted on 2011-09-17
I use APF firewall and am able to add my forwarding rules to /etc/apf/preroute.rules and /etc/postroute.rules.
My rules are set as follows:
$IPT -t nat -A PREROUTING -p tcp --dport 666 -i eth0:0 -j DNAT --to-destination x.x.x.x:port
$IPT -t nat -A POSTROUTING -j MASQUERADE
If I change -i eth0:0 to -i eth0 this works. If I keep this as eth0:0, it fails. I want it to work for the virtual interface eth0:0 - is this because I need to add routing tables for the virtual interfaces? Or a more complex iptables expression?
Thanks for any help!
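Added example, not part of the original post: iptables' `-i` matches the kernel network device a packet arrived on, and an alias label such as eth0:0 is only a label on an additional address of eth0, so the traffic can be selected by the alias's address with `-d` instead. The sketch below resolves a label from `ip -o -4 addr show` output and prints the equivalent rule; the sample lines and 192.0.2.x addresses are constructed, and `resolve_alias` and `dnat_rule` are hypothetical helper names.

```shell
#!/bin/sh
# Constructed sample of `ip -o -4 addr show` output (documentation addresses).
# eth0:0 appears as a label on a secondary address of device eth0.
SAMPLE_ADDRS='2: eth0    inet 192.0.2.10/24 brd 192.0.2.255 scope global eth0\       valid_lft forever preferred_lft forever
2: eth0    inet 192.0.2.11/24 brd 192.0.2.255 scope global secondary eth0:0\       valid_lft forever preferred_lft forever'

# resolve_alias LABEL
# Reads `ip -o -4 addr show` output on stdin and prints "DEVICE ADDRESS"
# for the address carrying LABEL. Exit status 1 if the label is not found.
resolve_alias() {
    awk -v label="$1" '
        $3 == "inet" {
            for (i = 5; i <= NF; i++) {
                f = $i
                sub(/\\$/, "", f)          # -o mode glues a "\" to the label
                if (f == label) {
                    split($4, a, "/")       # drop the prefix length
                    print $2, a[1]
                    found = 1
                    exit
                }
            }
        }
        END { exit !found }'
}

# dnat_rule LABEL DPORT TARGET
# Prints a PREROUTING rule that matches the real device plus the alias
# address, in place of "-i LABEL". TARGET is passed through unchanged.
dnat_rule() {
    resolved=$(resolve_alias "$1") || {
        echo "no IPv4 address labelled $1" >&2
        return 1
    }
    dev=${resolved% *}
    addr=${resolved#* }
    printf '$IPT -t nat -A PREROUTING -i %s -d %s -p tcp --dport %s -j DNAT --to-destination %s\n' \
        "$dev" "$addr" "$2" "$3"
}

# Run against the constructed sample; x.x.x.x:port is the post's own placeholder.
# On a live host, pipe in `ip -o -4 addr show` instead.
printf '%s\n' "$SAMPLE_ADDRS" | dnat_rule eth0:0 666 x.x.x.x:port
```

The printed rule still has to be placed in the APF preroute file by hand; nothing here calls iptables.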