Hi, my apologies if this is a faq -- I feel I'm missing something obvious but couldn't find a pointer anywhere. Using iptables on a 2.4.18 kernel, I want a simple NAT for all IP packets going over my box's eth0 to my DSL provider. Say the dhcp-obtained IP address is ISP_IP. I want all IP packets to or from this IP to be nated to 192.168.169.2. I have everything working, except that ICMP is broken: incoming ping requests are properly natted and arrive at 192.168.169.2, but I see ICMP replies on eth0 that aren't unnated. The iptables command I use is iptables -t nat -A PREROUTING -d ISP_IP -j DNAT --to 192.168.169.2 Look at what I see on eth0 when I ping the machine from the outside (from my office machine, OFF_IP): 13:21:14.303528 OFF_IP > ISP_IP: icmp: echo request (DF) 13:21:14.306158 192.168.169.2 > OFF_IP: icmp: echo reply 13:21:15.319962 OFF_IP > ISP_IP: icmp: echo request (DF) 13:21:15.321757 192.168.169.2 > OFF_IP: icmp: echo reply 13:21:16.319127 OFF_IP > ISP_IP: icmp: echo request (DF) 13:21:16.320931 192.168.169.2 > OFF_IP: icmp: echo reply Other connections work fine, just ICMP seems broken. Any help would really be appreciated, I've played with it for a while and cannot seem to get it right. Regards, Christian.
