> I'm trying to do it with iptables destination nat, I created this rule
> Chain PREROUTING (policy ACCEPT 9177 packets, 1980K bytes)
>  pkts bytes target     prot opt in     out     source               destination
>     8   480 DNAT       tcp  --  any    any     anywhere             anywhere            tcp dpt:telnet to:10.0.0.4:23
>
> with this command "iptables -t nat -A PREROUTING -p tcp --dport 23 -j DNAT
> --to 10.0.0.4:23"
> When I telnet to the routing box, I see that the counters for that rule are
> incremented, so it seems to be working, but I was told that I'm missing
> a rule that NATs the packets back... but I'm not sure how to make that
> rule. Can anyone help me?

iptables should route the packets coming back without any other instruction.
emerge ethereal and look at the traffic going through your box. Does the SYN
go to the LAN's box? Does a SYN ACK come back?
Can you ping the LAN's box from the router and vice versa?

And don't use masquerading, that's not what you need.

-- 
mathieu
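
What the reply describes, as an added example that is not part of the original message: a toy Python model of connection tracking (not kernel code) showing why the single DNAT rule from the thread is enough, since the reverse translation comes from the connection entry and not from a second rule. The client and router addresses are constructed; only the port and 10.0.0.4:23 come from the thread.

```python
# Toy model of netfilter connection tracking for the DNAT rule in the thread.
# Added illustration, not kernel code; client/router addresses are constructed.
from typing import NamedTuple

class Pkt(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int

DNAT_DPORT = 23               # from the thread: -p tcp --dport 23
DNAT_TO = ("10.0.0.4", 23)    # from the thread: --to 10.0.0.4:23

class Router:
    def __init__(self):
        self.originals = {}   # packet as the client sent it -> packet after DNAT
        self.replies = {}     # expected reply packet -> client's original packet
        self.rule_hits = 0    # models the pkts counter on the PREROUTING rule

    def forward(self, pkt: Pkt) -> Pkt:
        if pkt in self.replies:
            # Reply direction: restore the address the client connected to.
            o = self.replies[pkt]
            return Pkt(o.dst, o.dport, o.src, o.sport)
        if pkt in self.originals:
            # Known connection: reuse its mapping, the nat rule is not consulted.
            return self.originals[pkt]
        if pkt.dport == DNAT_DPORT:
            # First packet of a new connection: the rule matches once.
            self.rule_hits += 1
            nat = Pkt(pkt.src, pkt.sport, *DNAT_TO)
            self.originals[pkt] = nat
            self.replies[Pkt(nat.dst, nat.dport, nat.src, nat.sport)] = pkt
            return nat
        return pkt            # anything else passes through untranslated

def demo():
    r = Router()
    syn = Pkt("192.0.2.10", 40000, "203.0.113.1", 23)   # client -> routing box
    to_lan = r.forward(syn)                               # SYN after DNAT
    syn_ack = Pkt("10.0.0.4", 23, "192.0.2.10", 40000)    # LAN box answers client
    to_client = r.forward(syn_ack)                        # SYN ACK after reverse NAT
    r.forward(syn)                                        # later packet, same flow
    return to_lan, to_client, r.rule_hits

if __name__ == "__main__":
    for item in demo():
        print(item)
```

The reverse translation only happens when the reply actually passes back through the routing box, which is what the suggested capture of the SYN and SYN ACK checks.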
