Le mardi 17 janvier 2006 à 10:11 +0100, Gaël Lams a écrit : > What is not clear to me, even after reading man pages, netfilter.org > documentation, and various tutorials, is what rule to write to have > the packets (the ones sent back to who made the request) moved from > port 8080 to port 80. No rule. Once a connection has been registred as NATed by conntrack, any packet belonging to this connection will be handle automaticly by conntrack/nat subsystem. That's why you only see connections first packet in nat table. You need a rule in POSTROUTING only if your proxy is to establish connections to otheres hosts. -- http://sid.rstack.org/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >> Hi! I'm your friendly neighbourhood signature virus. >> Copy me to your signature file and help me spread!