I use a Linux machine to masquerade a Windows machine to the internet. The Linux machine has a static IP address and the Windows box gets its address by DHCP from the Linux box, using the private 192.168 IP range.
I needed to be able to allow internet users through my firewall to access a specific port on the Windows machine, so I created a rule:

    iptables -t nat -A PREROUTING -p tcp --dport 5520 -j DNAT --to 192.168.0.1:5520

And everything worked as expected until I tried to use the Windows machine to access another internet machine. When I enter www.someip.org/5520 in my Windows browser, I get an error message that the site cannot be reached. However, the Linux machine can reach the same address fine.

So I searched the NAT documentation looking for answers. I think I need an OUTPUT rule or a POSTROUTE rule but I am not sure which one I need. From what I read I would think I need an OUTPUT rule since the docs talk about internal network workings. I would like to know why it's not working and how I should go about fixing it.

Thanks.
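
Added example, not part of the original message: a small Python model of how the posted PREROUTING rule is matched. With no -i or -d match the rule also rewrites connections the Windows box opens to port 5520 on other hosts, while the same rule scoped to the external interface and address leaves them alone. The interface names (eth0, eth1) and the addresses 203.0.113.10, 198.51.100.7 and 198.51.100.99 are assumed placeholders.

```python
# Added example: a minimal model of nat PREROUTING DNAT matching.
# It models only the match fields used here (-i, -d, --dport); it is not iptables.
from dataclasses import dataclass, replace
from typing import Optional

WINDOWS_BOX = "192.168.0.1"   # DNAT target taken from the rule in the post
EXTERNAL_IP = "203.0.113.10"  # assumed placeholder for the Linux box's static IP
EXTERNAL_IF = "eth0"          # assumed name of the internet-facing interface
INTERNAL_IF = "eth1"          # assumed name of the LAN-facing interface

@dataclass(frozen=True)
class Packet:
    in_if: str
    src: str
    dst: str
    dport: int

@dataclass(frozen=True)
class DnatRule:
    dport: int
    to_ip: str
    to_port: int
    in_if: Optional[str] = None   # -i ; None means any interface
    dst: Optional[str] = None     # -d ; None means any destination

    def matches(self, pkt):
        return (pkt.dport == self.dport
                and self.in_if in (None, pkt.in_if)
                and self.dst in (None, pkt.dst))

def prerouting(rules, pkt):
    """The first matching rule rewrites the destination, as DNAT does."""
    for rule in rules:
        if rule.matches(pkt):
            return replace(pkt, dst=rule.to_ip, dport=rule.to_port)
    return pkt

# iptables -t nat -A PREROUTING -p tcp --dport 5520 -j DNAT --to 192.168.0.1:5520
AS_POSTED = [DnatRule(5520, WINDOWS_BOX, 5520)]
# The same rule with "-i eth0 -d 203.0.113.10" added (both values assumed)
SCOPED = [DnatRule(5520, WINDOWS_BOX, 5520, in_if=EXTERNAL_IF, dst=EXTERNAL_IP)]

# Constructed packets: an internet client connecting in, the Windows box connecting out.
INBOUND = Packet(EXTERNAL_IF, "198.51.100.7", EXTERNAL_IP, 5520)
OUTBOUND = Packet(INTERNAL_IF, WINDOWS_BOX, "198.51.100.99", 5520)

if __name__ == "__main__":
    for name, rules in (("as posted", AS_POSTED), ("scoped", SCOPED)):
        for label, pkt in (("inbound", INBOUND), ("outbound", OUTBOUND)):
            out = prerouting(rules, pkt)
            print(f"{name:9} {label:8} {pkt.dst}:{pkt.dport} -> {out.dst}:{out.dport}")
```

Connections made from the Linux box itself are locally generated and pass through the nat OUTPUT chain rather than PREROUTING, which is why they are unaffected by the posted rule.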
