Here's something to keep in mind on NAT: it only works if the NAT box is in between both systems or you can double-NAT. Take this example:

            NAT BOX
               |
       -----------------
       |               |
     SYS A           SYS B

A connects to NAT. A's connection looks like this:

    From: A:Portx  To: NAT:Porty

NAT NATs the packet to send it to B; the packet now looks like this:

    From: A:Portx  To: B:Porty

When B replies to the connection, his packet looks like this:

    From: B:Porty  To: A:Portx

When this packet arrives at SYS A, it doesn't recognize the connection; it's expecting all return packets to look like this:

    From: NAT:Porty  To: A:Portx

To make it work you have to double-NAT the packets. You have to NAT the PREROUTING to change the "TO", and the POSTROUTING to change the "FROM".
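The packet flow described above, modelled as an added example that is not part of the original post: it traces the reply A receives when only the destination is rewritten and when both destination and source are rewritten. The addresses, port numbers and the names Packet, NatBox and run are assumptions made for the illustration.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport")

# Constructed addresses (documentation range); A, B and NAT share one segment.
A, B, NAT = "192.0.2.10", "192.0.2.20", "192.0.2.1"

def reply(pkt):
    """Return the packet a host sends back in answer to pkt."""
    return Packet(pkt.dst, pkt.dport, pkt.src, pkt.sport)

class NatBox:
    """Rewrites forwarded packets and remembers how to undo it for replies."""
    def __init__(self, rewrite_source):
        self.rewrite_source = rewrite_source
        self.table = {}  # reply as seen by the NAT box -> reply A expects

    def forward(self, pkt):
        out = pkt._replace(dst=B)            # PREROUTING (DNAT): change the "TO"
        if self.rewrite_source:
            out = out._replace(src=NAT)      # POSTROUTING (SNAT): change the "FROM"
        self.table[reply(out)] = reply(pkt)
        return out

    def reverse(self, pkt):
        return self.table[pkt]

def run(rewrite_source):
    """Return (reply that reaches A, whether A's stack accepts it)."""
    nat = NatBox(rewrite_source)
    request = Packet(A, 40000, NAT, 80)      # From: A:Portx  To: NAT:Porty
    expected = reply(request)                # From: NAT:Porty  To: A:Portx
    seen_by_b = nat.forward(request)
    answer = reply(seen_by_b)                # B answers whatever source it saw
    if answer.dst == NAT:
        answer = nat.reverse(answer)         # reply passes back through the NAT box
    # Otherwise B sends straight to A on the shared segment, bypassing the NAT box.
    return answer, answer == expected

if __name__ == "__main__":
    for mode in (False, True):
        pkt, accepted = run(mode)
        label = "double-NAT" if mode else "single NAT"
        print(f"{label}: A receives {pkt.src}:{pkt.sport} -> "
              f"{pkt.dst}:{pkt.dport}, accepted={accepted}")
```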