On Tue, 2004-11-16 at 11:44, diadicic@xxxxxxxxxxxxx wrote:
> Can someone help me understand this?
>
> I have a firewall setup up with two nic's in it.
>
> 1 eth0 24.190.x.x which is my Internet connection
> 2 eth1 172.16.12.165 which is a local area network.
>
> I have a web server at 172.16.12.160 "I hope that's clear"
>
> Now if I port forward this way it will not work.
>
> "iptables -A PREROUTING -i eth0 -t nat -p tcp --dport 80 -j DNAT --to
> 172.16.12.160:80"
> "iptables -A FORWARD -p tcp -d 172.16.12.160 --dport 80 -i eth0 -o eth1
> -j ACCEPT"
>
>
> But if I do it this way it will work:
>
> "iptables -t nat -A PREROUTING -p tcp --dport 80 -d 24.190.x.x -i eth0 -j
> DNAT --to-destination 172.16.12.160 172.16.12.160"
>
> "iptables -A POSTROUTING -p tcp --dport 80 -d 172.16.12.160 -j SNAT -o
> eth1 --to-source 172.16.12.165"
>
>
> Could anyone please explain why the first way did not work, all the directions I read claim that is how to port forward.

because the default gateway of 172.16.12.160 is not 172.16.12.165?

-j

--
"Oh, so they have internet on computers now!" --The Simpsons
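
The situation the reply asks about can be modelled in a few lines. This is an added example, not part of the original thread: it follows one request and its reply for both rule sets, with and without the firewall as the web server's default gateway. The /24 netmask, the public address standing in for the elided 24.190.x.x, the client address and the other router are all assumptions.

```python
import ipaddress

LAN = ipaddress.ip_network("172.16.12.0/24")  # assumed netmask, not given in the post
FW_WAN = "203.0.113.10"   # placeholder for the elided 24.190.x.x address
FW_LAN = "172.16.12.165"  # firewall eth1
SERVER = "172.16.12.160"  # web server
CLIENT = "198.51.100.7"   # constructed Internet client
OTHER_GW = "172.16.12.1"  # hypothetical other router used as the server's default gateway


def next_hop(dst, default_gw):
    """Server routing decision: on-link hosts directly, anything else via the default gateway."""
    return dst if ipaddress.ip_address(dst) in LAN else default_gw


def trace(server_gw, snat):
    """Follow one request and its reply through the model.

    Returns (source the server sees, source of the reply as the client sees it).
    """
    # Request: CLIENT -> FW_WAN arrives on eth0; PREROUTING DNAT rewrites the destination.
    src, dst = CLIENT, SERVER
    if snat:
        src = FW_LAN  # POSTROUTING SNAT on eth1 rewrites the source too
    # Connection tracking maps the expected reply tuple back to the original addresses.
    conntrack = {(dst, src): (FW_WAN, CLIENT)}
    seen_by_server = src

    # Reply: the server answers whatever source address it saw.
    r_src, r_dst = SERVER, src
    if next_hop(r_dst, server_gw) == FW_LAN:
        # Reply crosses the firewall, which reverses the translation.
        r_src, r_dst = conntrack[(r_src, r_dst)]
    # Otherwise the reply leaves via the other router with its private source untouched.
    return seen_by_server, r_src


def connection_works(server_gw, snat):
    """The client only accepts replies from the address it connected to."""
    return trace(server_gw, snat)[1] == FW_WAN
```

With SNAT the reply always returns through the firewall, but the web server logs 172.16.12.165 as the client for every request; pointing the server's default gateway at the firewall keeps the real client address in its logs.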