I try to explain my project. I have a server with 2 interfaces one has to offer a website and absolutely nothing else. The other interface will be used to control and manage this server. To the interface of the webserver will be attached a access point to get connected to this server.
The picture Internet ---> eth0 = SERVER |FIREWALL| WebServer = eth1 --> AP --> USER1, USER2, ...
I installed Apache2 and dnsmasq who is now offering DHCP to LAN. What I want to do is to redirect everything from eth1 to eth1 172.28.1.1 port 80. And block everything else. This is just for security.
Thanks!
---- SOLUTION ----
After searching a lot and with the guide of the first response, I get the solution. My problem was to make a captive portal and redirect everything to local ip.
Solution, quite easy. Setup dnsmasq and set this setting:
/etc/dnsmasq.conf
address=/#/172.28.1.1
Block any kind of traffic and redirect it to local ip
# iptables -t nat -I PREROUTING -j DNAT -s 172.28.0.0/16 -p tcp --to-destination 172.28.1.1
# iptables -t nat -I PREROUTING -j DNAT -s 172.28.0.0/16 -p udp --to-destination 172.28.1.1