On Thu, 2004-03-18 at 15:26, Stuart Lamble wrote:
> Hello netfilter lists
>
> Can anyone help me here. I have the following rule...
>
> iptables -t nat -A PREROUTING -i ppp0 -p tcp -d $FW-EXT-IP --dport 22
> -j DNAT --to 192.168.100.6:22
>
> Simply put I want to allow ssh from the internet to a server on my
> LAN, 192.168.100.6
> My FORWARD rule is default accept.
>
> I understand that a packet comes into the firewall on an interface and
> then gets PREROUTED as above then gets passed to FORWARD = accept then
> to the destination???
>
> Why is it not working? Do I need to do any special kernel, modprobe
> things?
<snip>

Perhaps you were just saving typing but isn't the correct syntax

    -j DNAT --to-destination 192.168.100.6:22

-- 
John A. Sullivan III
Chief Technology Officer
Nexus Management
+1 207-985-7880
john.sullivan@xxxxxxxxxxxxx
---
If you are interested in helping to develop a GPL enterprise class
VPN/Firewall/Security device management console, please visit
http://iscs.sourceforge.net