Re: dnat problem in transparent firewall


 



> What do your LOGging rules say?   Is it possible that you are trying to LOG
> packets addressed to aaa.aaa.aaa.12, and therefore the rules no longer see
> the packets once the address has been changed to aaa.aaa.aaa.13?

That's a good point. I also checked it over several times.
That's why I also tested and wrote that I see packets if I try to connect to 
aaa.aaa.aaa.13

I added 2 logging rules for every logging point from a) to d).
For example, the exact logging rules for a) are:
iptables -t nat -A PREROUTING -s nnn.nnn.nnn.nnn -d aaa.aaa.aaa.12 -j LOG --log-prefix " ipt nat pre "
iptables -t nat -A PREROUTING -s nnn.nnn.nnn.nnn -d aaa.aaa.aaa.13 -j LOG --log-prefix " ipt nat pre "

where nnn.nnn.nnn.nnn is a computer from which I connect, behind another ISP.

It should not be relevant, but the port I try to connect to for testing right now 
is ssh. I try to connect with telnet aaa.aaa.aaa.12 22.
Both .12 and .13 have ssh servers up and running.

Raido



