# (6) PREROUTING chain rules
iptables -t nat -A PREROUTING -i eth1 -p tcp --sport 80 -d PUB.XXX.XXX.XXX --dport 80 \
    -j DNAT --to-destination PVT.XXX.XXX.XXX:80

Get that --sport 80 out of that rule above; HTTP requests rarely originate from port 80 ;)
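A check for the mistake pointed out above, as an added example that is not part of the original post: it scans rules in `iptables-save` style and flags DNAT rules whose `--sport` is pinned to the same single port as `--dport`. The function names and sample rules are constructed for illustration, and "source port equals destination port" is a heuristic, not an iptables feature.

```shell
#!/bin/sh
# Constructed sample rules; PUB/PVT placeholders are kept as written on the page.
# Rule 1 is the rule from the post, rule 2 is the same rule without --sport,
# rule 3 restricts the source to an ephemeral range (not flagged).
SAMPLE_RULES='-A PREROUTING -i eth1 -p tcp --sport 80 -d PUB.XXX.XXX.XXX --dport 80 -j DNAT --to-destination PVT.XXX.XXX.XXX:80
-A PREROUTING -i eth1 -p tcp -d PUB.XXX.XXX.XXX --dport 80 -j DNAT --to-destination PVT.XXX.XXX.XXX:80
-A PREROUTING -i eth1 -p tcp --sport 1024:65535 -d PUB.XXX.XXX.XXX --dport 443 -j DNAT --to-destination PVT.XXX.XXX.XXX:443'

# Read rules on stdin; print "LINENO: rule" for every DNAT rule whose source
# port match is identical to its destination port match. Clients connect from
# ephemeral ports, so such a rule almost never matches real inbound traffic.
find_sport_pinned_dnat() {
    awk '
    {
        sport = ""; dport = ""; dnat = 0
        for (i = 1; i < NF; i++) {
            if ($i == "--sport" || $i == "--source-port")      sport = $(i + 1)
            if ($i == "--dport" || $i == "--destination-port") dport = $(i + 1)
            if ($i == "-j" && $(i + 1) == "DNAT")              dnat = 1
        }
        if (dnat && sport != "" && sport == dport) print NR ": " $0
    }'
}

# Number of flagged rules, for use in scripts or CI checks.
count_sport_pinned_dnat() {
    find_sport_pinned_dnat | wc -l | tr -d ' '
}

# Run the check against the constructed sample.
printf '%s\n' "$SAMPLE_RULES" | find_sport_pinned_dnat
```

On a live host the same function can be fed from `iptables-save -t nat` instead of the sample variable.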