Anyone using DNAT (port-forwarding) on a multi-homed linux box with netfilter? I am having trouble getting it to work. My system is multi-homed (dsl and cable) and I have a box with route2 configured to support inbound connections to SMTP and HTTP services. It is all working fine with response packets going out the correct interface. I am trying to move these services off of the firewall/router box. I tried to configure DNAT to "port-forward" these services to a new box, and the DNAT starts out working fine, from the original request (from outside), NAT'd properly to the new inside box, the response goes back through the firewall/router box, and the response gets NAT'd properly, BUT ... the packet goes out the wrong interface! It goes out the interface of the "default" gateway. It appears that the iproute2 configuration is being ignored. I am using source routing to get packets steered out the correct interface. Any help much appreciated. Dave Larson __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
