On Wednesday 19 February 2003 07:12 pm, Joel Newkirk wrote: > AFAIK, you can only DNAT to a contiguous range of IPs from a single > rule, and the rule construction you have here will ignore 'excess' > destinations. Well, I was wrong again. :^) Digging a bit further after posting this I find that multiple "-to" entries ARE valid, and should do what you want. The only reason I can think of (now) that all your traffic went to the first on the list is that there simply wasn't any load to speak of. How were you testing? Multiple simultaneous connections? Otherwise (from my latest reading :^) it will simply keep sending traffic to the first on the list, only using the next one if there is more traffic 'currently' (presumably based on the connection-tracking data) on the first destination than on the second. > j j
