Re: iptables rule doesn't work

[Arno van Amersfoort <arnova@xxxxxxxxxxxxxxxxxxxxxxxxx>]

Because you also need a FORWARD rule (I guess).... Something like

iptables -A FORWARD -i eth0 -o {your_lan_eth} -p tcp --dport 80 -j ACCEPT

Antonio Di Bacco wrote:
> I receive on an interface (eth0, NOARP , ipaddr: 192.168.0.20 ) a tcp packet 
> in this way (I have dumped it with tcpdump):
>
> SRC: 192.168.0.21:6000 
> DST: 192.168.0.21:80
>
> I have an iptables rule:
>
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT 
> --to-destination 192.168.0.20:80
>
> Why my web server listening on eth0 doesn't receive it?
>
> Thank you,
> Antonio.
>
>   

--
Ing. A.C.J. van Amersfoort (Arno)
Department Of Electronics (ELD, k1007)
Huygens Laboratory
Leiden University
P.O. Box 9504
Niels Bohrweg 2
2333 CA Leiden
The Netherlands
----------------------------------------------------------------
Phone : +31-(0)71-527.1894   Fax: +31-(0)71-527.5819
E-mail: a.c.j.van.amersfoort@xxxxxxxxxxxxxxxxxxxxxxxxx
----------------------------------------------------------------
Arno's (Linux firewall) homepage: http://rocky.eld.leidenuniv.nl