Sorry if this ends up being a stupid question, but I am just beginning with 
Iptables. 

I have a new firewall box that I am setting up with Iptables. Initially, I 
had only a masquerading rule on it which gave me access to the web from my 
LAN, but did not get mail to my mail server or http requests to my web 
server. So, I added three extra rules to try and work that out. Here is what I 
have now: 

iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain 

iptables -t nat -A PREROUTING -p tcp --destination-port 25 -j DNAT --to 192.168.100.1:25
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j DNAT --to 192.168.100.1:80
iptables -t nat -A PREROUTING -p tcp --destination-port 443 -j DNAT --to 192.168.100.1:443 

# Set up IP FORWARDing and Masquerading
iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
iptables --append FORWARD --in-interface eth1 -j ACCEPT 

echo 1 > /proc/sys/net/ipv4/ip_forward 

The 192.168.100.1 is the server that has the web and email servers on it. 

The problem now is that a) I cannot access my web server from within the LAN 
by using just the www.ihtruelsen.2y.net, which is what I used to be able to 
do, I now have to use the machine name as well, in this case 
dark-lord.ihtruelsen.2y.net and b) my LAN machines can no longer get to web 
sites, but can ping to the internet. 

On the other hand, the mail is getting in, and, if you are reading this, it 
gets out as well. 

I am sure that I have missed something, but I am still not at all sure why 
this would fail in this particular way. Could someone give me a hint as to 
why this is acting the way that it is? 

Ian Truelsen
Masters program in Philosophy
University of Manitoba, Winnipeg, Canada
BA (Wilfrid Laurier University)
Email: [EMAIL PROTECTED] 
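An added example (not from the original post) showing the same rule set with the PREROUTING DNAT restricted to the Internet-facing interface and a default-deny FORWARD chain; it assumes ppp0 is the Internet side, eth1 the LAN and 192.168.100.1 the web/mail host, as in the post. By default it only prints the commands so they can be reviewed before being applied.

```shell
#!/bin/sh
# Added example, not from the original post. Assumed: ppp0 is the Internet
# side, eth1 the LAN, and 192.168.100.1 the web/mail host, as in the post.
# By default the commands are only printed; run with  RUN= sh firewall.sh
# (RUN set to the empty string) to apply them for real.
RUN=${RUN-echo}
WAN=ppp0
LAN=eth1
SERVER=192.168.100.1
PORTS="25 80 443"

firewall_rules() {
    $RUN iptables --flush
    $RUN iptables --table nat --flush
    $RUN iptables --delete-chain
    $RUN iptables --table nat --delete-chain

    # Default-deny forwarding; only the rules below let traffic through.
    $RUN iptables -P FORWARD DROP
    # Replies and related packets for connections the firewall already tracks.
    $RUN iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    # LAN clients may open connections towards the Internet.
    $RUN iptables -A FORWARD -i "$LAN" -o "$WAN" -j ACCEPT

    for p in $PORTS; do
        # -i "$WAN" is the key difference from the post's rules: PREROUTING
        # also sees packets arriving from the LAN, so an unrestricted DNAT on
        # dport 80 redirects every LAN web request to $SERVER (ping keeps
        # working because ICMP is not matched). Limiting the match to the
        # Internet interface leaves LAN-to-Internet traffic alone.
        $RUN iptables -t nat -A PREROUTING -i "$WAN" -p tcp --dport "$p" \
            -j DNAT --to-destination "$SERVER:$p"
        # DNATed packets still pass through FORWARD, which is now default-deny.
        $RUN iptables -A FORWARD -i "$WAN" -o "$LAN" -d "$SERVER" -p tcp \
            --dport "$p" -m state --state NEW -j ACCEPT
    done

    $RUN iptables -t nat -A POSTROUTING -o "$WAN" -j MASQUERADE
    $RUN sh -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'
}

firewall_rules
```

Reaching the server by its public hostname from inside the LAN is a separate matter: with the DNAT limited to ppp0, LAN clients that resolve the name to the public address are no longer redirected at all, so they need either an internal DNS entry pointing at 192.168.100.1 or an additional hairpin NAT rule.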
