Err... did you label your picture right according to what you said?? POSTROUTING should be done on linux1 according to your graphs. PREROUTING should be done on linux2 Also, we need to see all your rules as you may have a -j DROP somewhere that might be blocking it ie. ( -P FORWARD -j DROP ) Thanks, ____________________________________________ George Vieira Systems Manager georgev@xxxxxxxxxxxxxxxxxxxxxx Citadel Computer Systems Pty Ltd http://www.citadelcomputer.com.au -----Original Message----- From: Adi [mailto:adi@xxxxxxxxx] Sent: Thursday, May 22, 2003 7:09 AM To: netfilter@xxxxxxxxxxxxxxxxxxx Subject: Port FWD via 2 NAT Hello, For ascii art fans: INTERNET----[eth0 LINUX1 eth1]----[eth0 LINUX2 eth1]----[Windows] Linux1 eth0 - public address, NAT, eth1 - 10.0.2.1 Linux2 eth0 - 10.0.2.2, NAT, eth1 - 10.0.5.1 Windows - 10.0.5.13 What I can do on Linux1 and Linux2 to allow connect from INTERNET to telnet on Windows machine? I put on Linux1 something like this: iptables -A PREROUTING -t nat -p tcp -d (public address) --dport 23 -j DNAT --to 10.0.2.2:23 On Linux2: iptables -A PREROUTING -t nat -p tcp -d 10.0.2.2 --dport 23 -j DNAT --to 10.0.5.13 But it still not working :( What I doing wrong? Adi
