Re: iptable NAT/PAT inbound port forwarding without changing source address

Hello,

Kristoff Bonne wrote:
> 
> I have a problem on an NSLU2 running openwrt to do inbound port forwarding
> to my internal webserver:
> 
> iptables -A PREROUTING -t nat -i ppp0 -p tcp --dport 80 -j DNAT --to
> 192.168.1.10
> 
> iptables -I FORWARD -d 192.168.1.0/24  -j ACCEPT
> 
> This works, however, when I look at the webserver, the traffic seems to
> come from my router (192.168.1.1) and not from the IP address on the
> internet.
> I don't know why it does this as I only configured a DNAT, no SNAT.

Check in the nat/POSTROUTING chain for an existing SNAT or MASQUERADE
rule that matches port forwarded connections. It could be specific to
the LAN interface or generic to any interface (and not only to the PPP
interface), such as:

iptables -t nat -A POSTROUTING -j MASQUERADE

It is useful in order for "looped-back" forwarded connections from the
LAN to work by avoiding asymmetric routing.
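
An added example, not part of the original message: one way to run the check described above is to scan `iptables-save` output for SNAT/MASQUERADE rules in nat/POSTROUTING that are not restricted to the WAN interface. The function names, the sample ruleset and the `br-lan` interface name are constructed for illustration; `ppp0` is the WAN interface from the question. Flagged rules are candidates to review, since other matches on the rule (such as `-s`) may still exclude the forwarded traffic.

```shell
#!/bin/sh
# Constructed sample in iptables-save format (interface names are assumptions).
sample_ruleset() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i ppp0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.10
-A POSTROUTING -o ppp0 -j MASQUERADE
-A POSTROUTING -j MASQUERADE
-A POSTROUTING -o br-lan -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -d 192.168.1.0/24 -j ACCEPT
COMMIT
EOF
}

# find_broad_snat WAN_IF: read iptables-save text on stdin and print every
# SNAT/MASQUERADE rule in nat/POSTROUTING that is not limited to "-o WAN_IF".
# Only rules placed directly in POSTROUTING are inspected; rules in
# user-defined chains jumped to from POSTROUTING need a separate look.
find_broad_snat() {
    awk -v wan="$1" '
        /^\*/ { table = substr($0, 2); next }   # table header: *nat, *filter
        table != "nat" || $1 != "-A" || $2 != "POSTROUTING" { next }
        {
            target = ""; out = ""; negated = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "-j") target = $(i + 1)
                if ($i == "-o") { out = $(i + 1); negated = ($(i - 1) == "!") }
            }
            if (target != "SNAT" && target != "MASQUERADE") next
            if (out == wan && !negated) next   # WAN-only rule: DNATed traffic to the LAN is untouched
            print
        }
    '
}

# Demo on the constructed sample; on a live router the input would be
# the output of: iptables-save -t nat
sample_ruleset | find_broad_snat ppp0
```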