Do a tcpdump/ethereal on external interface as well internal interface. a) If you can see the packets coming to x.x.x.x on external interface there is no routing/proxy ARP problem on external side, else fix it!!
b) If you can see the packets leaving internal interface to destination 192.168.0.2, there is no routing problem on the firewall machine itself, else check the routing on the firewall machine if all this is fine then check the destination box itself. Cheers.. Subodh --- [EMAIL PROTECTED] wrote: > I've done this MANY times (juts want to map a public > IP with a private > one): > > #!/bin/sh > IPTABLES="/sbin/iptables" > > $IPTABLES -F INPUT > $IPTABLES -F OUTPUT > $IPTABLES -F FORWARD > $IPTABLES -F -t nat > $IPTABLES -F -t mangle > > modprobe iptable_nat > echo 1 >/proc/sys/net/ipv4/ip_forward > > $IPTABLES -t nat -A PREROUTING -i eth0 -d x.x.x.x -j > DNAT --to > 192.168.0.2 > > $IPTABLES -P INPUT ACCEPT > $IPTABLES -P OUTPUT ACCEPT > $IPTABLES -P FORWARD ACCEPT > > > And it does *NOT* send any packet to 192.168.0.2 ! > The firewall box itself does have another IP. > > What can be happening ? > > I use: > Mandrake 8.1 (2.4.8-34.1mdk) > IPtables verion: 1.2.4-1.1mdk > > and: > > #cat /proc/sys/net/ipv4/ip_forward > 1 > > > I know is stupid, mostly because i have this same > configuration up and > running in another box. Any place to look at ? > > > Thanks. > > __________________________________________________ Do You Yahoo!? LAUNCH - Your Yahoo! Music Experience http://launch.yahoo.com
