[ale] Reflecting outbound packets (netfilter)

Alex Carver agcarver+ale at acarver.net
Fri Dec 11 18:27:36 EST 2015


Ok, I know there's a way to do this but I'm not successful with my attempts.

I have a device that calls out to a cloud service (http) which I don't
want.  I do want to see what it's trying to transmit and maybe set up a
web server to answer it locally.

So what I was thinking was to set my main router to intercept packets
coming from the device and reroute them to my internal web server.
Problem is that it doesn't seem to be working.

I currently do the following with eth0 being my internal interface

iptables -t nat -A PREROUTING -p tcp -i eth0 --dest <cloud IP> --dport 80 -j DNAT --to <internal web server>

No traffic reaches the web server.  I also have a matching log entry to
tell me when a packet traverses the filter.  I see those going by but
the web server is coming up empty.

I know I'm missing something to this configuration but I just can't find it.
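Added example, not from the poster or the list: the DNAT rule above plus the two pieces a hairpin redirect on a single LAN usually needs (a source NAT so the server's replies go back via the router, and FORWARD rules for traffic that enters and leaves on the same interface). The interface name, addresses and the --log-prefix string are assumed placeholders; set IPT=echo to print the rules instead of applying them.

```shell
#!/bin/sh
# Hairpin DNAT: a LAN device's HTTP calls to a cloud IP are answered by a
# LAN web server. Assumed/constructed values, replace with your own.
IPT="${IPT:-iptables}"                   # IPT=echo gives a dry run
LAN_IF="${LAN_IF:-eth0}"                 # internal interface (as in the post)
DEVICE_IP="${DEVICE_IP:-192.168.1.50}"   # constructed: the calling device
CLOUD_IP="${CLOUD_IP:-203.0.113.10}"     # constructed: TEST-NET-3 stand-in
SERVER_IP="${SERVER_IP:-192.168.1.20}"   # constructed: internal web server

redirect_cloud_http() {
    # 1. Log the first packet of each intercepted connection (the nat table
    #    only sees the first packet of a flow, so this logs SYNs).
    "$IPT" -t nat -A PREROUTING -i "$LAN_IF" -s "$DEVICE_IP" -d "$CLOUD_IP" \
        -p tcp --dport 80 -j LOG --log-prefix "cloud-redirect: " || return 1
    # 2. Rewrite the destination to the internal server (what the post does).
    "$IPT" -t nat -A PREROUTING -i "$LAN_IF" -s "$DEVICE_IP" -d "$CLOUD_IP" \
        -p tcp --dport 80 -j DNAT --to-destination "$SERVER_IP:80" || return 1
    # 3. Hairpin: when device and server share the LAN, the server would reply
    #    directly to the device with its own IP as source, which the device
    #    never sent a SYN to, so the handshake fails. Masquerade the forwarded
    #    flow so replies come back through the router and are un-NATed there.
    "$IPT" -t nat -A POSTROUTING -o "$LAN_IF" -s "$DEVICE_IP" -d "$SERVER_IP" \
        -p tcp --dport 80 -j MASQUERADE || return 1
    # 4. FORWARD sees the post-DNAT destination; allow the flow both ways in
    #    case the FORWARD policy is DROP (same in and out interface).
    "$IPT" -A FORWARD -i "$LAN_IF" -o "$LAN_IF" -s "$DEVICE_IP" -d "$SERVER_IP" \
        -p tcp --dport 80 -j ACCEPT || return 1
    "$IPT" -A FORWARD -i "$LAN_IF" -o "$LAN_IF" -s "$SERVER_IP" -d "$DEVICE_IP" \
        -p tcp --sport 80 -m conntrack --ctstate ESTABLISHED,RELATED \
        -j ACCEPT || return 1
}

# Apply for real:  sudo sh redirect.sh apply
# Dry run:         IPT=echo sh redirect.sh apply
if [ "${1:-}" = "apply" ]; then
    redirect_cloud_http
fi
```

Check with `watch iptables -t nat -L -v -n` that the DNAT counter rises and that the POSTROUTING counter rises with it; if only the first moves, the replies are bypassing the router.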

