Hi,

I am new on the list, so here comes a newbie question, I guess. I hope that's OK.

I've got a firewall with the following configuration:

    internet: eth0, 1.2.3.4
    lan:      eth1, 192.168.0.1

On my LAN there are several computers attached that are not supposed to use the firewall for internet access. They are routed to different internal networks, so they do not (and should not) know about IP 1.2.3.4.5.

What I want to do is to forward traffic from my public internet address (on eth0) to a specific machine on the LAN, let's say 192.168.0.2. Normally I just DNAT it like:

    iptables -t nat -A PREROUTING -p TCP -i eth0 --dport [port] -j DNAT --to-destination 192.168.0.2:[port]

But now, since 192.168.0.2 does not know about 1.2.3.4, packets will not find the way back.

So my question is, how do I do that? In some way I want to forward traffic through eth0 -> eth1 -> 192.168.0.2 on a specific port and back the same way.

Hope you understand the problem.

Huge thanks,
per