Shaun Landau wrote:
>OK, so let me see if I understand. I should put the DNAT rule before my
>INPUT rules. Then I should also have a FORWARD rule that forwards the
>traffic that has been translated to the new destination. Is this correct?
>
>Here's how I forwarded some stuff:
>
$IPTABLES --table nat -p udp --append PREROUTING \
--source $OUTSIDE --destination $EXT_IP -m multiport --dports
xxx,yyy,zzz \
-j DNAT --to 192.168.129.3
and then my forward and output rules:
$IPTABLES -A OUTPUT --destination 192.168.0.0/16 -j ACCEPT
$IPTABLES -A FORWARD --source 192.168.0.0/16 --destination
192.168.0.0/16 -j ACCEPT
This worked fine until I obsoleted that particular server.
--Yan
>
>
>
