On Wed, 10 Apr 2002, Ian Truelsen wrote: > iptables -t nat -A PREROUTING -p tcp --destination-port 25 -j DNAT --to > 192.168.100.1:25 > iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j DNAT --to > 192.168.100.1:80 > iptables -t nat -A PREROUTING -p tcp --destination-port 443 -j DNAT --to > 192.168.100.1:443
You only want to do that for outgoing connections, that is put '-i ppp0' in each of these three lines. Probably you want to allow these connections too: iptables -A FORWARD -i ppp0 -o eth1 -d 192.168.100.1 -p tcp --dport 25 -j ACCEPT iptables -A FORWARD -i ppp0 -o eth1 -d 192.168.100.1 -p tcp --dport 80 -j ACCEPT iptables -A FORWARD -i ppp0 -o eth1 -d 192.168.100.1 -p tcp --dport 443 -j ACCEPT > # Set up IP FORWARDing and Masquerading > iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE > iptables --append FORWARD --in-interface eth1 -j ACCEPT Looks fine. Rasmus -- -- [ Rasmus "M�ffe" B�g Hansen ] --------------------------------------- If you try to prove Murphy's law - will you fail? ----------------------------------[ moffe at amagerkollegiet dot dk ] --
