I am using 2.6.19.2. An intermediate tcp proxy method doesn't sound so nice, since iptables is way more flexible to me :-/ Andy -----Original Message----- From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Pascal Hambourg Sent: Friday, January 26, 2007 23:50 To: netfilter@xxxxxxxxxxxxxxxxxxx Subject: Re: port forwarding through localhost Andy B. a écrit : > Sorry about the "3333", it was a typo. Of course I meant 3306. > > My rules are working when we are talking about the external interfaces > (eth0), and the SQL Server is responding when talking directly to 10.0.0.100 You didn't say what is the kernel version. If it is >= 2.6.11, you're stuck. As I suggested to someone else having the same problem as you, instead of using a DNAT rule you may use a TCP "proxy" such as stone (<http://www.gcd.org/sengoku/stone/>, supports UDP too) or 6tunnel (<http://toxygen.net/6tunnel/>, originally designed to relay connections between IPv6 and IPv4 hosts but works between IPv4 hosts too) which listens on the local port 3306 and relays the local connexions to the remote SQL server.
