Hello Danila, Shouldn't be a problem, since netfilter takes care before the paket hits anything else, as long as you put your rule in the prerouting chain. All you wanna do is add something like: iptables -t nat -A PREROUTING -d realip --dport 33333 -i eth0 -j DNAT --to 192.168.13.147.80 This rewrites the destination address. if you ip is from a dialup connection you might want to use MASQUERADE ... And make sure you have connection tracking, so the answer packages get rewritten properly. I think that should do .... Check out the FAQs there's some nice examples there ... Tuesday, February 11, 2003, 7:21:30 PM, you wrote: DO> Hello, DO> I want to ask you something regarding something that i am stuck in... :-) DO> I need to allow acces to a Web server which runs on a machine inside my LAN. DO> my topology is : DO> internet <------>(eth0)[web,smtp,pop3,ftp](eth1)<------>LAN(192.168.13.0/24) DO> i have only one "real" IP on eth0. DO> can you tell me how can i use something like : DO> http://www.myserver.xxx:33333 to redirect to .. let's say 192.168.13.147:80 ?? DO> the main problem that i see here is that on port 33333 i have no services running. DO> Thanxx in advance, DO> Danila Octavian(pisic@service.agress.ro) -- Best regards, DarKRaveR mailto:DarKRaveR@habitat-b.de
