On Wed, 2004-06-23 at 10:08, Brett Simpson wrote: > I've tried a number of different PREROUTING and POSTROUTING rules and can't seem to make this work. > > I have a system with a single nic (eth0). While I'm on the system via a shell I would like to connect to 127.0.0.1:6000 and get seemlessly translated to 207.156.7.15:80. > > I tried the following without success: > > iptables -t nat -A PREROUTING -p tcp -d 127.0.0.1 -i lo --dport 6000 -j DNAT--to-destination 207.156.7.15:80 > iptables -t nat -A POSTROUTING -p tcp -d 207.156.7.15 -o eth0 --dport 80 -j SNAT --to-source 127.0.0.1 Hmmm . . . not sure, never tried it. What happens if you move your first rule to -t nat OUTPUT instead of -t nat PREROUTING? -- John A. Sullivan III Chief Technology Officer Nexus Management +1 207-985-7880 john.sullivan@xxxxxxxxxxxxx --- If you are interested in helping to develop a GPL enterprise class VPN/Firewall/Security device management console, please visit http://iscs.sourceforge.net
