On Mon, 31 Oct 2005, Buddy wu wrote:
And there is another Interest thing (I'm pained with the "interesting thing")
where I use 'sbin/iptables -t nat -A PREROUTING -d Inet2 -p tcp
--dport 8087 -j DNAT --to 192.168.16.100:8087' rule, I can access
http://Inet2:8087 in the LAN, but I can't access http://Inet2:8087
through Internet(I have a machine direct access to internet)
Please verify the routing on 192.168.16.100. To me the data you have
indicates 192.168.16.100 does not have correct routing for the Internet.
From what I have seen the iptables rules is correct, but all your rules
with NAT to 192.168.16.100 is failing.
Quite likely the NAT and firewall rules as such is working just fine, but
192.168.16.100 does not know what to do with the return traffic.
Regards
Henrik
