iptables -t -A PREROUTING -i eth1 -p TCP --dport 1494 -j DNAT --to 192.168.0.1:1494 iptables -A FORWARD -i eth1 -o eth0 -p TCP -d 192.168.0.1 --dport 22 -j ACCEPT of course your -i and -o interfaces may have different names. -i being the external and -o being the internal in this scenario. an dof course the address will be different but you should get the idea. ------------------------------------------------ Paul Cousins Canterbury Computer Services paul@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ----- Original Message ----- From: "Sridhar Murthy" <sridhar@xxxxxxxxxxxx> To: <netfilter@xxxxxxxxxxxxxxxxxxx> Sent: Wednesday, July 30, 2003 10:40 AM Subject: [iptables] Help Required > > > Hi Team, > > I require help to my following setup: > > I have a Redhat 8 Server with squid,smtp & pop3 with iptables running. > > My requirement is we have a citrix server with local LAN ipaddress. People > from Internet will have to access this server from outside(my firewall is > having a public ipaddress which is dynamic assigned). I want to know what is > the rules that i have to add to allow the traffic which uses port number > 1494, to get into my network and access my citrix server which is having LAN > ip. Should any nat be added. > > Thanks in advance. > > Regards, > > Sridhar > > >
