The real problem that I'm trying to solve is this: Several hosts need to acces a gov service that uses Java and a certain port. I do not know which machine/machines will run and I don't know what their IP is going to be, due to DHCP. I could limit it to one machine with a fixed IP just to get started though. To test this, I'm experimenting with Nectarine radio, since that is easier than farting around with a government server. If I can't get Nectarine to work, then I have no hope of getting the gov thing to work. On the FORWARD chain, try iptables -v -L FORWARD -t filter. That will isolate just your FORWARD rules. I gather you are not showing ANY active forward rules? Not even your default policy? iptables -L FORWARD -n Chain FORWARD (policy ACCEPT) target prot opt source destination nothing... iptables -t nat -v -L Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destinat ion Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destinat ion Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destinat ion nothing much either... I suppose some modules are missing, but what? What could be needed to make port forwarding work, that is not already loaded to make masquerade work? At least something is working but gawddammit, this doesn't make sense to me. Cheers, -- Herman Oosthuysen B.Eng(E), MIEEE Aerospace Software Ltd. Ph: 1.403.241-8773, Cell: 1.403.852-5545, Fx: 1.403.241-8841 Herman@xxxxxxxxxxxxxxxxxxxxx, http://www.AerospaceSoftware.com
