On Sun, Mar 24, 2002 at 07:12:52PM +1100, Crossfire wrote: > Peter Rundle was once rumoured to have said: > > # iptables -t nat -A POSTROUTING -p tcp -s 0/0 --dport 80 -j DNAT --to > > 192.168.1.99 > > iptables: Invalid argument > > > > Cluesticks? > > s/POSTROUTING/PREROUTING/ > > DNAT has to be applied before a routing decision is made so the > packets can be routed correctly.
Conversely, SNAT has to be applied in POSTROUTING. -- Daniel Stone <[EMAIL PROTECTED]> <riel> OMFG ... yesterday's head hunter wants contact information for Linus now that I told him he's probably the only person with 10 years of continuous Linux experience ;)
msg21895/pgp00000.pgp
Description: PGP signature
