Hello, Sietse van Zanen a écrit :
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport pop3 -j DNAT --to 192.168.242.129:8110 This rule would NAT all traffic coming into eth0 for port 110 to 192.168.242.129:8110, also traffic to other servers, that might need to be reached on port 110.
That's exactly what John wants : "I want *all POP3 packets* coming in through the gateway wan interface (eth0) to be redirected to the PS1(192.168.242.129 inside the lan) port 8110".
ACCEPT all -- anywhere anywhere This converts your DROP policy to an ACCEPT, doesn't seem wise.
Remember that iptables -L hides some rule parameters such as interfaces. I would not be surprised that this rule actually contains "-i eth1". I strongly suggest John and anyone lists iptables rules with iptables-save instead of iptables -L.
For the rest, your rules should work.
I agree.
