In regards to the routing, use the "iproute2" tool. http://www.policyrouting.org/ What does your interface configs look like? i.e., ip addr <enter> What does your current routing table look like? i.e., ip route <enter> -- kelly http://home1.gte.net/res0psau/index.html#Hang-Gliding-Stuff -- -- \ / \/ /\ / \ -- -- Quoting Master <account@xxxxxxxx>: Hi, I am new to IPTABLES. I have used Cisco stuff for many years, but am now moving to real world ??? I need to get a DNAT/SNAT in/out working. The IN part seem to be working, but the route OUT seem to be the problem. Example: On the out-side, I have address 10.10.10.40, at port 11022 (SSH) on eth1 I need to NAT this to 192.168.1.101:22 (real port) on eth2 I also need to make sure that the host is able to get out on 10.10.10.40 and not on the default route of route. Can anyone send me a clue on this? Regards, Richard
