-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday 20 May 2004 15:22, Antony Stone wrote: > You need to make sure that the reply packets go back through the firewall, > as well as the forward packets. The easiest way to do this is by adding a > SNAT rule so that as far as the destination server is concerned, the > packets came from the firewall, not the real client, and therefore the > server sends the replies back to the firewall (which then reverse-NATs them > and returns the replies to the original client machine). > > Therefore in your case something such as: > > iptables -A POSTROUTING -t nat -s 192.168.0.0/24 -d 192.168.0.0/24 -j SNAT > --to 192.168.0.1 But, i think, i need to add other rules because the original connection came from 192.168.0.x to 151.8.47.x, right ? Let me know. Thanks a lot ! Oz - -- A new supply of round tuits has arrived and are available from Mary. Anyone who has been putting off work until they got a round tuit now has no excuse for further procrastination. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFArMLAYuBSFbgkEysRAtYHAJ9dGGKWf4KK3LgTVbe7dnPcWvS6ggCcDKy9 /bErxaNGbSQzlE/sS0HpRmo= =+z9F -----END PGP SIGNATURE-----
