I have a router where only masquerading and some QOS is enabled. I have a problem with port forwarding HTTP. The only rules I use (sorry for long lines): $IPTABLES -t nat -A POSTROUTING -o ppp0 -j MASQUERADE $IPTABLES -t nat -A PREROUTING -p tcp --dport 10143 -j DNAT --to 192.168.1.2:22 $IPTABLES -t nat -A PREROUTING -p tcp --dport 8888 -i ppp0 -j DNAT --to 192.168.1.2:80 The first DNAT rule works without a problem. I can ssh directly to my machine. But the requests to port 8888 seems not to be answered or come through. To bad I only have switch which has no port mirroring to listen to the whole traffic and find out the problem. Any ideas what I should try or I miss? -- Kai Weber » kai.weber@xxxxxxxxxxx http://www.glorybox.de gpg-key: 0x594D4132