On Wed, 2004-04-07 at 14:00, bdameron@xxxxxxxxxx wrote:
> I have 2 linux machines. One is accessible via the outside world (Internet
> machine) the other has no outside connectivity (LAN Machine). I need to redirect
> port 443 traffic to and from the LAN server via the Internet machine. Is this
> possible with Iptables? I have set up packet forwarding but then the LAN server
> tries to connect directly to the client machine instead of to the Internet
> machine. Any direction appreciated.

Having ACCEPT as the FORWARD policy, do this on the "internet" box:

    echo '1' > /proc/sys/net/ipv4/ip_forward
    iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to LAN_IP:443
    iptables -t nat -A POSTROUTING -o WAN_IF -j MASQUERADE

and set the "internet" machine as the default gateway of the LAN box.

This is a bad idea (it's only an approach); perhaps you _must_ read about
connection tracking, SNAT and DNAT, then change some policies to DROP and
improve these rules.

See http://www.netfilter.org/documentation/index.html

Regards
--
Your problems cannot be solved at the same mental level you had when you created them.
Albert Einstein
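
The tightening the reply recommends (FORWARD policy DROP, connection tracking), as an added example that is not part of the original message: a POSIX shell function that validates its inputs and prints the rule set for the 443 forward so it can be reviewed before being run as root. The optional `snat` argument goes beyond the reply and covers a LAN server that cannot use the Internet box as its default gateway; the function names and the sample values are assumptions, while WAN_IF, LAN_IF and LAN_IP follow the reply's placeholders.

```shell
#!/bin/sh
# Added example. eth0, eth1 and 192.168.1.10 in the usage line are constructed
# sample values; substitute the real WAN interface, LAN interface and LAN server.

valid_if() {    # interface name: 1-15 chars from [A-Za-z0-9._-]
    case "$1" in ''|*[!A-Za-z0-9._-]*) return 1 ;; esac
    [ "${#1}" -le 15 ]
}

valid_ipv4() {  # exactly four decimal octets, each 0-255
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# print_rules WAN_IF LAN_IF LAN_IP [snat]
# Prints the commands for review instead of running them (running needs root).
print_rules() {
    valid_if "$1" && valid_if "$2" && valid_ipv4 "$3" || return 1
    cat <<EOF
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -P FORWARD DROP
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $1 -o $2 -p tcp -d $3 --dport 443 -m conntrack --ctstate NEW -j ACCEPT
iptables -t nat -A PREROUTING -i $1 -p tcp --dport 443 -j DNAT --to-destination $3:443
EOF
    # Replies are un-NATed by connection tracking, but only if they pass back
    # through this box. Either the LAN server routes via it (default gateway),
    # or, with "snat", the gateway rewrites the source so the server answers it.
    if [ "${4:-}" = snat ]; then
        echo "iptables -t nat -A POSTROUTING -o $2 -p tcp -d $3 --dport 443 -j MASQUERADE"
    fi
}

# Usage (constructed values): print_rules eth0 eth1 192.168.1.10 snat
```

With `snat` the LAN server logs the Internet box's LAN address as the client for every connection, so keep the default-gateway variant when the server needs real client addresses.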