iptables -t nat -A PREROUTING -p tcp --dport 8888 -i eth1 -d EXT_IP -j DNAT --to INT_IP and the rule to allow the packet back iptables -t nat -A POSRTOUTING -s INT_IP -p tcp --sport 8888 -j SNAT --to EXT_IP simple, with this two single rules you can redirect the port to your internal host best regards -- Glaucius Djalma Pereira Junior glaucius@xxxxxxxxx
