On Wednesday 09 April 2003 10:40 am, you wrote: > You do infact need DNAT and not SNAT > > iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT > --to-destination x.y.z.2:80 > > this should work. I tried but all connections go in timeout. I first flushed every chain,set default policy everywhere,and then added DNAT rule... no result... The strange thing is : if i DNAT on another interface everything is ok. if i DNAT through the incoming connection interface... it fails. strange... I think i miss something.. Thank you Chris
