On Tue 20/04/2004 at 18:33, udo wrote:
> $path_iptables -t nat -A PREROUTING -p tcp -i $ext_if
> -s 0/0 -d $ext_ip --dport 222 -j DNAT --to
> 127.0.0.1:22

Something is quite weird here. You say you want to run an unprivileged
SSHd, so it won't be able to bind port 22... So, please rephrase if I'm
wrong, but I guess you want to redirect connections to port 22 to
127.0.0.1, port 2222. You seem very confused about what you want to
achieve, and the way you're trying to do it.

BTW, do not DNAT to 127.0.0.1. Use REDIRECT that is designed for this
very need:

    iptables -t nat -A PREROUTING -p tcp -i $ext_if \
        -d $ext_ip --dport 22 -j REDIRECT --to-ports 2222

Please correct me if I'm wrong. For other mistakes, see Antony's answer.

-- 
http://www.netexit.com/~sid/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
>> Hi! I'm your friendly neighbourhood signature virus.
>> Copy me to your signature file and help me spread!
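
Added example, not part of the original message: a small Python check that flags an iptables rule which DNATs to a loopback address and proposes the REDIRECT form recommended above. The name `lint_rule` and the sample rules are constructed for illustration; the samples are modelled on the two commands quoted in the message.

```python
import ipaddress
import shlex

TO_OPTS = ("--to-destination", "--to")  # "--to" is the short form used in the thread

# Constructed sample rules, modelled on the two commands quoted in the message.
SAMPLE_RULES = [
    "$path_iptables -t nat -A PREROUTING -p tcp -i $ext_if -s 0/0 "
    "-d $ext_ip --dport 222 -j DNAT --to 127.0.0.1:22",
    "iptables -t nat -A PREROUTING -p tcp -i $ext_if \\\n"
    "    -d $ext_ip --dport 22 -j REDIRECT --to-ports 2222",
]


def lint_rule(rule):
    """Return the REDIRECT form of a rule that DNATs to loopback, else None."""
    tokens = shlex.split(rule.replace("\\\n", " "))  # join continuation lines
    try:
        if tokens[tokens.index("-j") + 1] != "DNAT":
            return None
        t = next(i for i, tok in enumerate(tokens) if tok in TO_OPTS)
        host, _, port = tokens[t + 1].partition(":")
        if not ipaddress.ip_address(host).is_loopback:
            return None
    except (ValueError, IndexError, StopIteration):
        # No -j/--to, or the destination is a variable or range: cannot judge.
        return None
    # REDIRECT takes no address, so drop "--to <addr>" and keep only the port.
    fixed = [tok for i, tok in enumerate(tokens) if i not in (t, t + 1)]
    fixed[fixed.index("DNAT")] = "REDIRECT"
    if port:
        fixed += ["--to-ports", port]
    return " ".join(fixed)  # plain join keeps $variables unquoted


if __name__ == "__main__":
    for rule in SAMPLE_RULES:
        print(lint_rule(rule) or "ok: no DNAT to a loopback address")
```

In PREROUTING, REDIRECT rewrites the destination to the primary address of the incoming interface, so the daemon has to listen on that address (or on all addresses), not only on 127.0.0.1.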