--- Sergio Basurto Juarez <sbasurtoj@xxxxxxxxx> wrote: > > --- Ted Gervais <ve1drg@xxxxxxxxxxxxxx> wrote: > > > > > I am new to this list and to iptables generally. > > > > I have a line I am trying to translate into a > > current iptables line that > > will work in my firewall. > > > > ' DNAT net loc:192.168.0.147 udp 5198,5199 ' > > > > If anyone could venture a thought as to how that > > might be translated into > > a current iptables statement I would really > > appreicate it. > > > > I have tried - iptables -t nat -A PREROUTING -i > eth0 > > -d 192.168.0.1 -p tcp > > --dport 5198:5199 -j DNAT --to 192.168.0.147 > > > > That doesn't appear to work so obviously I have > not > > interpreted that line > > correctly.. > > > I experienced a similar problem with a rule like > iptables -t nat -A PREROUTING -d 200.65.184.223 -j > DNAT --to 192.168.0.10 > > and it does not work until I put the rule at the > begining changing the -A to -I > > I do not know exactly why this work but it works. I > guess that the the rules of redirecting should comes > before any other rule. > > > Hope this help. Also check the protocol because in your rule you put udp and in your rule of iptables you choose tcp, you must change your protocol to udp. ===== -- Sergio Basurto J. If I have seen further it is by standing on the shoulders of giants. (Isaac Newton) -- __________________________________ Do you Yahoo!? Yahoo! Mail - Find what you need with new enhanced search. http://info.mail.yahoo.com/mail_250
