iptables -t -A PREROUTING -i eth1 -p TCP --dport 1494 -j DNAT --to 192.168.0.1:1494 iptables -A FORWARD -i eth1 -o eth0 -p TCP -d 192.168.0.1 --dport 1494 -j ACCEPT opps wrong dest port :) ----- Original Message ----- From: "Paul Cousins" <paul@xxxxxxxxxxxxxxxxxx> To: <netfilter@xxxxxxxxxxxxxxxxxxx> Sent: Wednesday, July 30, 2003 3:29 PM Subject: Re: [iptables] Help Required > iptables -t -A PREROUTING -i eth1 -p TCP --dport 1494 -j DNAT --to > 192.168.0.1:1494 > iptables -A FORWARD -i eth1 -o eth0 -p TCP -d 192.168.0.1 --dport 22 -j > ACCEPT > > of course your -i and -o interfaces may have different names. -i being the > external and -o being the internal in this scenario. an dof course the > address will be different but you should get the idea. > ------------------------------------------------ > Paul Cousins > Canterbury Computer Services > paul@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > > > ----- Original Message ----- > From: "Sridhar Murthy" <sridhar@xxxxxxxxxxxx> > To: <netfilter@xxxxxxxxxxxxxxxxxxx> > Sent: Wednesday, July 30, 2003 10:40 AM > Subject: [iptables] Help Required > > > > > > > > Hi Team, > > > > I require help to my following setup: > > > > I have a Redhat 8 Server with squid,smtp & pop3 with iptables running. > > > > My requirement is we have a citrix server with local LAN ipaddress. People > > from Internet will have to access this server from outside(my firewall is > > having a public ipaddress which is dynamic assigned). I want to know what > is > > the rules that i have to add to allow the traffic which uses port number > > 1494, to get into my network and access my citrix server which is having > LAN > > ip. Should any nat be added. > > > > Thanks in advance. > > > > Regards, > > > > Sridhar > > > > > > > > > >