> I have tried it: > > iptables -t nat -A PREROUTING -p tcp -i eth2 --dport 1000 -j DNAT --to > =09\192.168.1.2:80 > > And doesn't work: > > carles@pinux:~$ telnet SERVER 1000 > Trying IP_SERVER... > > And if I do it with redir command works fine. > > What is the problem? > And the solution? Have you also used the other lines I sended? You must be sure you are no= t=20 blocking incoming port 1000. And you must be sure you can forward to por= t=20 80. And I miss a -d option with the ip of your firewall/ This works fine for me. This is a copy-paste from my firewall-script : iptables -A INPUT -p tcp --dport 8088 -j ACCEPT iptables -t nat -A PREROUTING -p tcp -d 192.168.1.254 --dport 8080 -j DNA= T=20 --to 192.168.1.253:80 iptables -t nat -A PREROUTING -p tcp -d $EX_IP --dport 8080 -j DNAT --to=20 192.168.1.253:80 iptables -A FORWARD -p tcp -d 192.168.1.253 --dport 8080 -j ACCEPT $EX_IP is the internet-ip of my firewall. 192.168.1.254 is the LAN-ip of my firewall 192.168.1.253 is the ip of my webserver I hope this can help. Stef
