Hi everyone, I have a question about PREROUTING and FORWARD. I use those rules(amongst others) to reach the FTP server on the LAN: $IPTABLES -t nat -A PREROUTING -p tcp -d $INET_IP -i ppp0 --dport 21 -j DNAT --to $FTPSRVIP $IPTABLES -A FORWARD -i ppp0 -o $LAN_IFACE -p tcp -d $FTPSRVIP--dport 21 -m state --state NEW -j ACCEPT $IPTABLES -A FORWARD -i ppp0 -o $LAN_IFACE -p tcp -d $FTPSRVIP--dport 20 -j ACCEPT $IPTABLES -A FORWARD -i ppp0 -o $LAN_IFACE -p tcp -d $FTPSRVIP--dport 1024:65535 --sport 1024:65535 -j ACCEPT Does this mean that all traffic coming from the internet for ports 1024:65535 will be forwarded towards the FTP server ports 1024:65535 ? What about traffic for ports 1024:65535 that should go to other clients on the LAN ? Is it going to be forwarded to the FTP server as well ? If yes, how could I forward only FTP traffic to the FTP server ? I hope I make sense. Thanks for any help __________________________________ Do you Yahoo!? Free Pop-Up Blocker - Get it now http://companion.yahoo.com/
