I have found that my destination IP in my rules MUST be bound on eth0 what is this? I thought I could use any working IP on my internal network as the --to-destination IP...?? Example: internal machine: eth0:192.168.1.55 eth1:192.168.1.56 #1 iptables -v -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNA T--to 192.168.1.55:80 This will work because the destination IP is on eth0 #2 iptables -v -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNA T--to 192.168.1.56:80 This wont work because the destination IP is on eth1 I didnt see this in the documentation and it took my 5 days to figure it out.... Tested on 6 machines, redhat 9, slackware 9, Latest gentoo build from stage 1. Various brand nic cards. Various compiled kernels. 2.4.18 - 2.4.22 -Jim
