What is not working? That the packets are not being DNATted to 192.168.1.56:80?

Ramin

On Mon, Sep 15, 2003 at 09:47:39AM -0500, Jim Burnett wrote:
> I have found that my destination IP in my rules MUST be bound on eth0.
> What is this? I thought I could use any working IP on my internal
> network as the --to-destination IP...??
>
> Example:
> internal machine:
> eth0:192.168.1.55
> eth1:192.168.1.56
>
> #1
> iptables -v -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.1.55:80
> This will work because the destination IP is on eth0
>
> #2
> iptables -v -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.1.56:80
> This won't work because the destination IP is on eth1
>
> I didn't see this in the documentation and it took me 5 days to figure it
> out....
>
> Tested on 6 machines, redhat 9, slackware 9, Latest gentoo build from
> stage 1. Various brand NIC cards. Various compiled kernels. 2.4.18 -
> 2.4.22
>
> -Jim