arif wrote: > Hi, I am having a hard time trying to figure out why > any packets I am trying to forward to my internal > network are being dropped. I am using the > 'rc.firewall' file that is included in the 'Iptables > Tutorial' > http://iptables-tutorial.frozentux.net/iptables-tutorial.html > > > Everything is fine, except I can't get any packets to > forward to an internal webserver here. I am using this > line: > > > /sbin/iptables -t nat -A PREROUTING --dst 1.2.3.4 -p > tcp --dport 80 -j DNAT --to-destination 10.0.0.3:80 > > When I look at the packet count doing iptables -t nat > -L -v I can see the packet count go up on that rule, > every time i try and connect to port 80. But in my > logs, I see that it matched a logging rule, and shows > up as 'IPT FORWARD packet died", so i guess it is > ending prematurely in the forward chain? Any help > would be greatly appreciated!!! THANKS!!! NATing does not bypass the filter rules. So, insert this: iptables -A FORWARD --destination 10.0.0.3 -p tcp --dport 80 -j ACCEPT > > __________________________________ > Do you Yahoo!? > Yahoo! Search - Find what you're looking for faster > http://search.yahoo.com
