Grant,

It works! Thank you so much! And this tagging/match rule will help me in my future firewall scripts, I'm sure!

-steve

----- Original Message -----
From: "Taylor, Grant" <gtaylor@xxxxxxxxxxxxxxxxx>
To: <netfilter@xxxxxxxxxxxxxxxxxxx>
Sent: Tuesday, May 17, 2005 3:50 PM
Subject: Re: udp connection tracking

> > Firstly thank you for your reply!
>
> You are welcome!
>
> > Currently I have a rule in my firewall that DNATs to the client machine,
> > I'm guessing that I will also need to DNAT that single packet but I'm not
> > sure where to place the rule.
> > Could I use the two rules you gave me with this additional one:
> >
> > iptables -t nat -A PREROUTING -i ${INet} -p udp -m recent --rcheck --seconds
> > 60 --name WSWE8 -- source -j DNAT --to-destination $CLIENT_IP
>
> Yes, you should be able to DNAT like you have suggested. Heads up, you have "-- source" when it should be "--rsource" in your rule. :)
>
> > Thank you again,
>
> No problem. This is what this list is for.