On May 8 2007 23:16, Bas Verhoeven wrote: > > OUTBOUND SERVER: > > iptables -t nat -A PREROUTING -p tcp --dport 80 -d <ext_web_ip> -j DNAT > --to-destination <webserver_ip>:80 > > Note: We didn't touch this as it seems to works fine. > > WEBSERVER: You do not need any rules here. The outbound server will do the translation in both directions. > Tried various, from the detailed: > iptables -t nat -A POSTROUTING -s <webserver_ip>-p tcp --sport 80 -j SNAT > --to-source <ext_web_ip>:80 -o eth0 > > To the 'should-be-catching-it-all': > iptables -t nat -A POSTROUTING -s <webserver_ip> -j SNAT --to-source > <ext_web_ip> > > None of those seem to do the thing we want to do tho. > > Some advice would be very welcome. > > Cheers, > Bas Verhoeven > Jan --
