" it's just not forwarding anything" Add FORWARD rules -d 192.168.0.1 -j ACCEPT -----Original Message----- From: netfilter-admin@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx] On Behalf Of Juan Hernandez Sent: Monday, November 24, 2003 11:05 AM To: Lista de netfilter Hi there... This may have been answered many times in this mailing list but I haven't found anything on the web about something that would make my server forward the way I want to, and what's ironic is that it seems simple. Here's my scenario: I have a static IP address routed (1.1.1.1) to one server using a 192.168.0.* address. Is a cisco router and everything works fine. This server has 192.168.0.1 as it's address and functions as a web server, everything works fine but, I have another server that works as our mail server that is using 192.168.0.2. I've been trying to redirect everything coming from port 25 to my mail server but it doesn't get any answer. These are the rules I've been using: echo 1 > /proc/sys/net/ipv4/ip_forward modprobe iptable_nat #allow all outgoing traffic from the mail server iptables -t nat -A POSTROUTING -p tcp -o eth0 -j SNAT --to 192.168.0.1 #dnat iptables -t nat -A PREROUTING -p tcp --dport 25 -i eth0 -j DNAT --to 192.168.0.1:25 The gateway on the mailserver is 192.168.0.1 which is the webserver that it's forwarding everything... and I have tried so many things that sometimes the webserver stops working... Using that configuration, if I nmap the webserver it shows that tport 25 is filtered but, if i telnet to taht port I wont get any response... and the mailserver is running perfectly, it's just not forwarding anything Any suggestions would be appreciated... Thanks a lot for your time Juan