--=-1Uh1VKZ/5TgJ5QFYQEgS Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Hi If I have a web server in my DMZ, then I have a PREROUTING rule to redirect incoming traffic to the server, like : $IPTABLES -t nat -A PREROUTING -i $IFACE_INET -p tcp --dport 80 -d $IP_INET_WEB1 -j DNAT --to $IP_INT_WEB1 I also have the FORWARDing rules ... Do I need a POSTROUTING rule in the nat table for return/reply traffic, or is that automagically handled by nat? Obviously I have the FORWARD rule to forward the replies from $IP_INT_WEB1 back to the source. Ray --=20 --=-1Uh1VKZ/5TgJ5QFYQEgS Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQA91Ptmh1fuR/Bv+ygRAhW7AJ9irTlsU4QvwxzS6jhJ6PPJxIUZHwCfctHI iMPs7QLCXsEzTfWjgWkzuF0= =JbMJ -----END PGP SIGNATURE----- --=-1Uh1VKZ/5TgJ5QFYQEgS--
