On Fri, 18 Jun 2004 17:45:20 +0200 "Arnauts, Bert" <Bert.Arnauts@xxxxxxxxxxxxxxxxxxx> wrote: > Could you please check my config, if I execute this I can not ping my > internal lan ip of this host 172.25.239.208 any more. I think this is > really wierd. Why? These lines: > $IPTABLES -t nat -A PREROUTING -d 172.25.239.220/27 -j DNAT > --to-destination 11.0.0.16 > $IPTABLES -t nat -A OUTPUT -d > 172.25.239.220/27 -j DNAT --to-destination 11.0.0.16 are doing everything to keep ALL packets away from you ;) All outgoing packets (statement 2) are redirected to 11.0.0.16 and all incoming are as well (statement 1)! How do you expect ping to work with that? :-O Kind regards, Leslie
