Iptables proxy to a different network

Ok, this is maybe an odd one.
I have a system with a single NIC and IP address a.b.c.1 (System A).
I want to proxy incoming requests to port 80 to a different system on a
different subnet with address x.y.z.1 (System B).

On system a.b.c.1, I am trying the following in my
/etc/sysconfig/iptables:
-----------
*nat
# rewrite the destination of incoming port-80 traffic to System B
-A PREROUTING -p tcp --dport 80 -j DNAT --to-destination x.y.z.1:80
COMMIT
-----------

This seems to ALMOST work. The requests from a client system (System C)
go to System A, get rewritten and are received by System B. System B
seems to be responding, trying to send to System C directly, but (I
think) System C is expecting its response to be from System A, not
System B, so it ignores the responses. At least, I see that kind of
traffic with tcpdump on each system.

Any help/ideas here? Perhaps there is a different approach other than
iptables too. FWIW, I want System A to be able to proxy http, dns and
ftp to System B on a different network.


Brian Andrus
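The behaviour described above (B answering C directly, C discarding the reply) is what a DNAT-only rule produces when B's route back to C does not pass through A. The usual fix is to pair the PREROUTING DNAT with a POSTROUTING SNAT so that B sees A as the source and its replies return through A, where conntrack reverses both translations before the packet reaches C. The script below is an added example, not part of the original post or of any netfilter project code; the addresses a.b.c.1 and x.y.z.1 are placeholders taken from the post, the function names are this example's own, and with DRY_RUN=1 it prints the commands instead of running them.

```shell
#!/bin/sh
# Added example (not from the original post): forward a service from
# System A to System B on another subnet with DNAT + SNAT so B's replies
# come back through A instead of going straight to the client.
#
# Placeholders (constructed for this example): A_ADDR is System A's own
# address, B_ADDR is System B's. Set DRY_RUN=1 to print instead of apply.

A_ADDR="${A_ADDR:-a.b.c.1}"   # placeholder: System A
B_ADDR="${B_ADDR:-x.y.z.1}"   # placeholder: System B

# run CMD...: execute, or echo when DRY_RUN=1 (lets the rules be reviewed
# before they touch a live firewall).
run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# forward_service PROTO PORT: DNAT PROTO/PORT arriving at A to B, SNAT it
# towards B, and open the FORWARD chain for both directions of the flow.
forward_service() {
    proto="$1"; port="$2"
    # 1. Destination rewrite: client -> A:port becomes client -> B:port.
    run iptables -t nat -A PREROUTING -d "$A_ADDR" -p "$proto" --dport "$port" \
        -j DNAT --to-destination "$B_ADDR:$port"
    # 2. Source rewrite on the way out: B sees A as the client, so its reply
    #    returns to A and conntrack un-DNATs it before it reaches the client.
    run iptables -t nat -A POSTROUTING -d "$B_ADDR" -p "$proto" --dport "$port" \
        -j SNAT --to-source "$A_ADDR"
    # 3. Filter table: only the translated flow is forwarded, in both directions.
    run iptables -A FORWARD -d "$B_ADDR" -p "$proto" --dport "$port" \
        -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
    run iptables -A FORWARD -s "$B_ADDR" -p "$proto" --sport "$port" \
        -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

# apply_all: enable forwarding and publish the three services from the post.
apply_all() {
    # Without IP forwarding the DNATed packets are dropped instead of routed.
    run sysctl -w net.ipv4.ip_forward=1
    forward_service tcp 80    # http
    forward_service tcp 53    # dns
    forward_service udp 53    # dns
    forward_service tcp 21    # ftp control channel only (see note below)
}

# Usage: DRY_RUN=1 sh nat_forward.sh apply   (review)   /   sh nat_forward.sh apply
if [ "$1" = "apply" ]; then
    apply_all
fi
```

Two caveats worth knowing before using this in anger: SNATing to A's address hides the real client address from B, so B's logs will show only A (if B's default route can be pointed at A instead, the POSTROUTING rule can be dropped and client addresses preserved); and FTP's separate data channel is only handled if the kernel's FTP connection-tracking helper (nf_conntrack_ftp with nf_nat_ftp) is active, which this example does not set up.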


