DNATing back to the same network

Hi!

I have a firewall with a number of DNAT rules for various ports/hosts. It 
would be good if local users could use the same DNATs. However, it 
seems this doesn't work.

My firewall has a public IP. Some ports on this IP are DNATed to different 
hosts on the local network. DNAT works for users that connect from the 
internet.

However, when a local user tries to connect to the public IP and DNATed 
port, the connection fails. Which is basically logical, as the server 
receives a packet with the source IP of the actual user and it answers 
directly to that IP.

Is it possible to change netfilter behaviour? Any other work-around for 
that?

Thanks, Danilo
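
The failure described in the message above, traced as an added example that is not part of the original post: a small Python model of one connection attempt through the DNAT rule. All addresses are constructed, the firewall is assumed to be the LAN's default gateway, and the `snat_on_firewall` switch (rewriting the source of LAN-originated connections to the firewall's LAN address, often called hairpin NAT) is an assumption added here for contrast.

```python
# Constructed addresses (documentation and private ranges), not from the post.
PUBLIC_IP = "203.0.113.1"    # firewall's public address, carries the DNAT rules
FW_LAN_IP = "192.168.0.1"    # firewall's LAN address (assumed default gateway)
SERVER = "192.168.0.10"      # DNAT target on the local network
LAN_CLIENT = "192.168.0.50"  # local user
WAN_CLIENT = "198.51.100.7"  # user on the internet
LAN_PREFIX = "192.168.0."    # assumed /24 shared by client and server


def on_lan(ip):
    return ip.startswith(LAN_PREFIX)


def connect(client, snat_on_firewall=False):
    """Trace one connection from `client` to PUBLIC_IP; return (ok, trace)."""
    trace = []
    expected_peer = PUBLIC_IP  # the client only accepts replies from the IP it dialled
    # 1. The firewall's DNAT rule rewrites the destination to the internal server.
    src, dst = client, SERVER
    trace.append(f"fw DNAT: {client} -> {PUBLIC_IP} becomes {src} -> {dst}")
    # 2. Optional source rewrite for LAN-originated connections (assumption).
    if snat_on_firewall and on_lan(client):
        src = FW_LAN_IP
        trace.append(f"fw SNAT: source rewritten to {src}")
    # 3. The server answers to the source address it saw.
    reply_dst = src
    if reply_dst == FW_LAN_IP or not on_lan(reply_dst):
        # The reply passes through the firewall, which reverses the NAT
        # using the state it recorded for this connection.
        seen_src = PUBLIC_IP
        trace.append(f"reply {SERVER} -> {reply_dst} via fw, seen as from {seen_src}")
    else:
        # On-link destination: delivered directly, the firewall never sees it.
        seen_src = SERVER
        trace.append(f"reply {SERVER} -> {reply_dst} on-link, bypasses fw")
    ok = seen_src == expected_peer
    trace.append("accepted" if ok else f"dropped: expected {expected_peer}, got {seen_src}")
    return ok, trace


if __name__ == "__main__":
    for who, snat in ((WAN_CLIENT, False), (LAN_CLIENT, False), (LAN_CLIENT, True)):
        ok, trace = connect(who, snat)
        print(who, "snat" if snat else "no-snat", "OK" if ok else "FAIL")
        for line in trace:
            print("   ", line)
```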

