I'm trying to do some simple tcp port forwarding [root@wcmisdlin02 ~]# cat /proc/sys/net/ipv4/ip_forward 0 [root@wcmisdlin02 ~]# /bin/echo 1 > /proc/sys/net/ipv4/ip_forward [root@wcmisdlin02 ~]# cat /proc/sys/net/ipv4/ip_forward 1 [root@wcmisdlin02 ~]# iptables --list Chain INPUT (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- anywhere anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain RH-Firewall-1-INPUT (2 references) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere icmp any ACCEPT esp -- anywhere anywhere ACCEPT ah -- anywhere anywhere ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns ACCEPT udp -- anywhere anywhere udp dpt:ipp ACCEPT tcp -- anywhere anywhere tcp dpt:ipp ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:mysql ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ftp ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https REJECT all -- anywhere anywhere reject-with icmp-host-prohibited [root@wcmisdlin02 ~]# iptables --table nat --append PREROUTING --proto tcp --dport 80 --jump DNAT --to 10.52.208.223:80 [root@wcmisdlin02 ~]# iptables --table nat --list PREROUTING Chain PREROUTING (policy ACCEPT) target prot opt source destination DNAT tcp -- anywhere anywhere tcp dpt:http to:10.52.208.223:80 [root@wcmisdlin02 ~]# curl --verbose http://10.52.208.221:80 * About to connect() to 10.52.208.221 port 80 * Trying 10.52.208.221... Connection refused * couldn't connect to host * Closing connection #0 curl: (7) couldn't connect to host [root@wcmisdlin02 ~]# -- http://alexus.org/ _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos