Re: DNAT

On Tue, 2004-10-26 at 06:20, Payal Rathod wrote:
> Hi,
> I want to access my internal machine from outside. But I am unable to do 
> so. I tried,
> # iptables -t nat -I PREROUTING -d <my_ext_ip> -p tcp --dport 8081 -j DNAT --to-destination 192.168.0.16:80

that looks ok...keep in mind you'll need to go to: 
http://<my_ext_ip>:8081 to hit the server from the outside

> # iptables -I INPUT -p tcp --dport 8081 -j ACCEPT

nope--try:

  iptables -A FORWARD -p tcp -d 192.168.0.16 --dport 80 -j ACCEPT

once PREROUTING is traversed--the packet is forever changed from the
perspective of all remaining chains.

> # iptables -I FORWARD -s 192.168.0.16 -j ACCEPT

i guess the point of that is to allow the replies back?  ok, i guess...

-j

-- 
Jason Opperisano <opie@xxxxxxxxxxx>
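
Added example, not part of the original message: a small rule linter for the mistake discussed in this thread, where a filter rule is written against the external port 8081 although PREROUTING has already rewritten the packet to 192.168.0.16:80. The function names and the external address 203.0.113.10 (a documentation address standing in for <my_ext_ip>) are constructed for illustration; the check assumes a FORWARD policy of DROP and only understands literal `-d`/`--dport` values.

```shell
#!/bin/sh
# Added example, not from the thread. Reads iptables commands on stdin and
# flags filter rules written against the pre-DNAT port.
# Assumptions: FORWARD policy is DROP; rules use literal -d / --dport values
# and --to-destination is given as host:port.
lint_dnat() {
    awk '
    # Return the word that follows option "name" on the current line.
    function opt(name,   i) {
        for (i = 1; i < NF; i++) if ($i == name) return $(i + 1)
        return ""
    }
    # The chain name follows -A or -I.
    function chain(   c) { c = opt("-A"); return (c != "") ? c : opt("-I") }

    opt("-j") == "DNAT" {
        n++; ext_port[n] = opt("--dport"); target[n] = opt("--to-destination")
        next
    }
    opt("-j") == "ACCEPT" {
        if (chain() == "INPUT")   input_port[opt("--dport")] = 1
        if (chain() == "FORWARD") allowed[opt("-d") ":" opt("--dport")] = 1
    }
    END {
        for (i = 1; i <= n; i++) {
            if (ext_port[i] in input_port)
                print "INPUT --dport " ext_port[i] ": never matches, PREROUTING already rewrote the packet to " target[i]
            if (!(target[i] in allowed))
                print "FORWARD: no ACCEPT for " target[i] " (the post-DNAT destination)"
        }
    }'
}

# The rules as first posted, with the constructed external address filled in.
posted_rules() {
    cat <<'EOF'
iptables -t nat -I PREROUTING -d 203.0.113.10 -p tcp --dport 8081 -j DNAT --to-destination 192.168.0.16:80
iptables -I INPUT -p tcp --dport 8081 -j ACCEPT
iptables -I FORWARD -s 192.168.0.16 -j ACCEPT
EOF
}

# The same rules with the INPUT rule replaced by the FORWARD rule from the reply.
corrected_rules() {
    posted_rules | grep -v ' INPUT '
    echo 'iptables -A FORWARD -p tcp -d 192.168.0.16 --dport 80 -j ACCEPT'
}

posted_rules | lint_dnat   # prints one finding per problem; nothing when clean
```

The linter only reads text and never calls iptables, so it can be run on a saved rule script without root.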


