Hello List! I am trying to redirect (NAT) to a internal ftp box (but both have a public ip). I am using those rules: modprobe ip_conntrack_ftp ports=21,2121 modprobe ip_nat_ftp iptables -t nat -A PREROUTING -d $FW -p tcp --dport 2121 -j DNAT --to $FTP:21 iptables -A POSTROUTING -t nat -d $FTP -p tcp --dport 21 -j SNAT --to $FW:2121 They kind of worked for a while. The forwarding of port 21 to 2121 worked one out of 10 times maybe. Now the packets dont get forwarded at all anymore. /proc/sys/net/ipv4/ip_forward is set to 1. Default policy is set to ACCEPT when i am testing it. With tcpdump i see the packets coming in, but they don`t get forwarded. Any idea what i am doing wrong? Cheers, Mario -- Sparen beginnt mit GMX DSL: http://www.gmx.net/de/go/dsl
