Linux - iptables REDIRECT scheint nicht zu funktionieren!

iptables -t nat -A PREROUTING -s 192.168.178.0/24 -d 0/0 -p udp --dport 80 -j REDIRECT --to-ports 3128
iptables -t nat -A PREROUTING -s 192.168.178.0/24 -d 0/0 -p tcp --dport 80 -j REDIRECT --to-ports 3128

iptables-save

# Generated by iptables-save v1.4.8 on Mon Jan 24 09:50:15 2011
*nat
:PREROUTING ACCEPT [230:17929]
:OUTPUT ACCEPT [378:27947]
:POSTROUTING ACCEPT [378:27947]
-A PREROUTING -s 192.168.178.0/24 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 
-A PREROUTING -s 192.168.178.0/24 -p udp -m udp --dport 80 -j REDIRECT --to-ports 3128 
COMMIT
# Completed on Mon Jan 24 09:50:15 2011
# Generated by iptables-save v1.4.8 on Mon Jan 24 09:50:15 2011
*mangle
:PREROUTING ACCEPT [9488:3670820]
:INPUT ACCEPT [9482:3669714]
:FORWARD ACCEPT [2:152]
:OUTPUT ACCEPT [9781:5461193]
:POSTROUTING ACCEPT [9881:5483860]
COMMIT
# Completed on Mon Jan 24 09:50:15 2011
# Generated by iptables-save v1.4.8 on Mon Jan 24 09:50:15 2011
*raw
:PREROUTING ACCEPT [9488:3670820]
:OUTPUT ACCEPT [9781:5461193]
-A PREROUTING -i lo -j NOTRACK 
-A OUTPUT -o lo -j NOTRACK 
COMMIT
# Completed on Mon Jan 24 09:50:15 2011
# Generated by iptables-save v1.4.8 on Mon Jan 24 09:50:15 2011
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [22:880]
:forward_ext - [0:0]
:forward_int - [0:0]
:input_ext - [0:0]
:input_int - [0:0]
:reject_func - [0:0]
-A INPUT -i lo -j ACCEPT 
-A INPUT -m state --state ESTABLISHED -j ACCEPT 
-A INPUT -p icmp -m state --state RELATED -j ACCEPT 
-A INPUT -i eth0 -j input_int 
-A INPUT -i eth1 -j input_ext 
-A INPUT -j input_ext 
-A INPUT -m limit --limit 3/min -j LOG --log-prefix "SFW2-IN-ILL-TARGET " --log-tcp-options --log-ip-options   
-A INPUT -j DROP 
-A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu 
-A FORWARD -i eth0 -j forward_int 
-A FORWARD -i eth1 -j forward_ext 
-A FORWARD -m limit --limit 3/min -j LOG --log-prefix "SFW2-FWD-ILL-ROUTING " --log-tcp-options --log-ip-options   
-A FORWARD -j DROP 
-A OUTPUT -o lo -j ACCEPT 
-A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT 
-A OUTPUT -m limit --limit 3/min -j LOG --log-prefix "SFW2-OUT-ERROR " --log-tcp-options --log-ip-options   
-A forward_ext -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 0 -j ACCEPT 
-A forward_ext -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 3 -j ACCEPT 
-A forward_ext -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 11 -j ACCEPT 
-A forward_ext -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 12 -j ACCEPT 
-A forward_ext -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 14 -j ACCEPT 
-A forward_ext -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 18 -j ACCEPT 
-A forward_ext -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 3/2 -j ACCEPT 
-A forward_ext -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 5 -j ACCEPT 
-A forward_ext -m pkttype --pkt-type multicast -j DROP 
-A forward_ext -m pkttype --pkt-type broadcast -j DROP 
-A forward_ext -p tcp -m limit --limit 3/min -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j LOG --log-prefix "SFW2-FWDext-DROP-DEFLT " --log-tcp-options --log-ip-options   
-A forward_ext -p icmp -m limit --limit 3/min -j LOG --log-prefix "SFW2-FWDext-DROP-DEFLT " --log-tcp-options --log-ip-options   
-A forward_ext -p udp -m limit --limit 3/min -m state --state NEW -j LOG --log-prefix "SFW2-FWDext-DROP-DEFLT " --log-tcp-options --log-ip-options   
-A forward_ext -j DROP 
-A forward_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 0 -j ACCEPT 
-A forward_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 3 -j ACCEPT 
-A forward_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 11 -j ACCEPT 
-A forward_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 12 -j ACCEPT 
-A forward_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 14 -j ACCEPT 
-A forward_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 18 -j ACCEPT 
-A forward_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 3/2 -j ACCEPT 
-A forward_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 5 -j ACCEPT 
-A forward_int -m pkttype --pkt-type multicast -j DROP 
-A forward_int -m pkttype --pkt-type broadcast -j DROP 
-A forward_int -p tcp -m limit --limit 3/min -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j LOG --log-prefix "SFW2-FWDint-DROP-DEFLT " --log-tcp-options --log-ip-options   
-A forward_int -p icmp -m limit --limit 3/min -j LOG --log-prefix "SFW2-FWDint-DROP-DEFLT " --log-tcp-options --log-ip-options   
-A forward_int -p udp -m limit --limit 3/min -m state --state NEW -j LOG --log-prefix "SFW2-FWDint-DROP-DEFLT " --log-tcp-options --log-ip-options   
-A forward_int -j reject_func 
-A input_ext -m pkttype --pkt-type broadcast -j DROP 
-A input_ext -p icmp -m icmp --icmp-type 4 -j ACCEPT 
-A input_ext -p icmp -m icmp --icmp-type 8 -j ACCEPT 
-A input_ext -m pkttype --pkt-type multicast -j DROP 
-A input_ext -m pkttype --pkt-type broadcast -j DROP 
-A input_ext -p tcp -m limit --limit 3/min -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j LOG --log-prefix "SFW2-INext-DROP-DEFLT " --log-tcp-options --log-ip-options   
-A input_ext -p icmp -m limit --limit 3/min -j LOG --log-prefix "SFW2-INext-DROP-DEFLT " --log-tcp-options --log-ip-options   
-A input_ext -p udp -m limit --limit 3/min -m state --state NEW -j LOG --log-prefix "SFW2-INext-DROP-DEFLT " --log-tcp-options --log-ip-options   
-A input_ext -j DROP 
-A input_int -j ACCEPT 
-A reject_func -p tcp -j REJECT --reject-with tcp-reset 
-A reject_func -p udp -j REJECT --reject-with icmp-port-unreachable 
-A reject_func -j REJECT --reject-with icmp-proto-unreachable 
COMMIT
# Completed on Mon Jan 24 09:50:15 2011