Hello, I've got a little problem with DNAT. I use MASQUERADING with SNAT for my internal network and it's working. I also want to forward FTP requests from the outside to an internal server, but that's not working. No FTP traffic is forwarded to the internal network.
I know there is a problem with the forwarding chain, but I can't get it to work... what rule(s) do I need to add? Here is my script:

    #!/bin/sh
    LAN_INT="eth1"
    LAN_EXT="eth0"

    route add default gw 195.x.x.1

    iptables -F
    iptables -F -t nat

    iptables --policy INPUT DROP
    iptables --policy OUTPUT DROP
    iptables --policy FORWARD DROP
    iptables -t nat --policy PREROUTING DROP
    iptables -t nat --policy POSTROUTING DROP

    iptables -A INPUT -p icmp -m limit --limit 3/s -j ACCEPT
    iptables -A OUTPUT -p icmp -j ACCEPT

    echo "1" > /proc/sys/net/ipv4/ip_forward

    # MASQ
    iptables -t nat -A POSTROUTING -o $LAN_EXT -s 192.168.1.0/24 -j SNAT --to 195.x.x.2
    iptables -A FORWARD -i $LAN_EXT -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -i $LAN_INT -s 192.168.1.0/24 -j ACCEPT

    # FTP
    iptables -A PREROUTING -t nat -p tcp -i $LAN_EXT --dport 21 -j DNAT to 192.168.1.19:21

Thanks for your help
Chasper
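An added example, not part of the original post: a small audit that reads a list of iptables commands and flags every DNAT target that has no FORWARD rule accepting traffic to the translated address. The rule lists are constructed from the script above (with the DNAT option written as `--to-destination`), and the extra FORWARD rule in `FIXED_RULES` is a hypothetical addition.

```shell
#!/bin/sh
# Added example: audit iptables commands for DNAT rules that have no FORWARD
# rule accepting traffic to the translated address. Simplified on purpose:
# it ignores rule order and only looks at -d / --dport on FORWARD ACCEPT rules.

# Constructed from the script in the post.
POSTED_RULES='iptables --policy FORWARD DROP
iptables -A FORWARD -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth1 -s 192.168.1.0/24 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 21 -j DNAT --to-destination 192.168.1.19:21'

# Hypothetical addition: admit NEW connections to the post-DNAT destination.
FIXED_RULES="$POSTED_RULES
iptables -A FORWARD -i eth0 -o eth1 -p tcp -d 192.168.1.19 --dport 21 -m state --state NEW -j ACCEPT"

# Prints "OK ip:port" or "MISSING ip:port" for each DNAT target found in $1.
# Returns 1 if any target is missing a FORWARD ACCEPT rule.
audit_dnat() {
    rules=$1
    status=0
    for target in $(printf '%s\n' "$rules" |
            sed -n 's/.*-j DNAT --to\(-destination\)\{0,1\} \([0-9.]*:[0-9]*\).*/\2/p'); do
        ip=${target%:*}
        port=${target#*:}
        # nat/PREROUTING runs before filter/FORWARD, so FORWARD sees the
        # internal address as destination, not the public one.
        if printf '%s\n' "$rules" | grep -F -e '-A FORWARD' | grep -F -e '-j ACCEPT' |
                grep -F -e "-d $ip " | grep -q -F -e "--dport $port "; then
            echo "OK $target"
        else
            echo "MISSING $target"
            status=1
        fi
    done
    return $status
}

audit_dnat "$POSTED_RULES" || true   # MISSING 192.168.1.19:21
audit_dnat "$FIXED_RULES"            # OK 192.168.1.19:21
```

The added FORWARD rule covers only the FTP control connection on port 21. Data connections are classified as RELATED only when the conntrack FTP helper is loaded (`nf_conntrack_ftp` and `nf_nat_ftp` on current kernels).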
