> Could somebody please confirm whether or not I'm doing this right? > > I am using, in my nat table: > > -A PREROUTING -s 192.168.0.0/16 -d 192.168.1.1 -j ACCEPT > > Shouldn't all packets, including ICMP packets, get passed through to > 192.168.1.1 if originating from the local network? IMO only if there's no rule on top of this one that does NAT. Is there ? In that case this rule will never be reached. What do the byte counters for this rule say when you execute : iptables -nvL PREROUTING > BTW, I'm not sure why I can communicate with the 192.168.2 subnet, but > not my 192.168.1 subnet... Only the machine directly connected to > 192.168.1.1 is able to communicate with it... > > My routing table looks like this: > > bla bla bla > 192.168.1.0 * 255.255.255.0 U 0 0 0 eth0 > bla bla bla > > which seems correct. Did you tcpdump anything to see what's going on ? Not having your complete routing table and ruleset it's hard to tell if everything is setup correctly. Gr, Rob
