iptables /nat and route

Hi, it seems to be a simple task, but I can't get it going.
I want to have a couple of private machines accessing a public one (and the other way around) through a router/gateway.
At the moment I do not care about ports (one to one is enough for me); I am just trying to get a ping through in both directions, including a change of source and destination IP.
The default gateway address of the public machine I set to OUTIP, and that of the internal machine to INIP.
Here is my setup:

#!/bin/sh
# rc.my.iptables

####network######
#given IP (not yet DHCP)
PUP_IP="192.168.10.99"

#internal devices (might be a range)
NET_IP1="192.168.9.1"

####router#######
OUT_INFC="eth0"
IN_INFC="eth2"
INIP="192.168.9.200"
OUTIP="192.168.10.200"


### iptables #####
##for incoming from public ###
iptables -t nat   -A PREROUTING -i $IN_INFC -s $PUP_IP -d $INIP -j DNAT --to $NET_IP1
iptables -t filter -A FORWARD -s $PUP_IP -d $NET_IP1 -j ACCEPT

###return way ### 
iptables -t nat   -A POSTROUTING -d $PUP_IP -s $NET_IP1 -j SNAT  --to $INIP
#(have tried without next line)
iptables -t filter -A FORWARD -s $NET_IP1 -d $PUP_IP -j ACCEPT


## keep things going, (have tried without)###
iptables -A FORWARD -i eth0  -o eth2  -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth2  -o eth0  -m state --state RELATED,ESTABLISHED -j ACCEPT
 

It does not work in any direction. I am wondering whether it may have something to do with my route settings:


Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.10.1    255.255.255.0   UG    0      0        0 eth0
default         192.168.9.1     255.255.255.0   UG    0      0        0 eth2
192.168.10.0    *               255.255.255.0   U     0      0        0 eth0
192.168.9.0     *               255.255.255.0   U     0      0        0 eth2
default         127.0.0.0       0.0.0.0         UG    0      0        0 lo
 

Cheers
Klaus
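As an added example (not part of Klaus's post or of any reply), here is the same topology written as a small shell script: it turns on forwarding, matches the DNAT rule on the public-side interface and the router's public address, rewrites outbound traffic to that public address, defaults FORWARD to DROP, and includes a helper that counts default routes in a `route -n` style table (a router should have exactly one). The IPT and SYSCTL variables are assumptions added for dry-run substitution; the addresses and interface names are the ones from the post.

```shell
#!/bin/sh
# Added example (not from the original post): 1:1 NAT between one public host
# and one internal host on a two-interface Linux router, using the addresses
# from the post above. IPT=echo / SYSCTL=echo give a dry run that prints the
# commands instead of executing them, so the rules can be reviewed unprivileged.
IPT="${IPT:-iptables}"
SYSCTL="${SYSCTL:-sysctl}"

PUB_IP="192.168.10.99"                    # public host
NET_IP1="192.168.9.1"                     # internal host
OUT_INFC="eth0"; OUTIP="192.168.10.200"   # router, public side
IN_INFC="eth2";  INIP="192.168.9.200"     # router, internal side (gateway of NET_IP1)

enable_forwarding() {
  # Without this the kernel drops every packet it would have to forward.
  $SYSCTL -w net.ipv4.ip_forward=1
}

nat_rules() {
  # The public host addresses the router's *public* address on the public
  # interface; DNAT rewrites it to the internal host. conntrack reverses the
  # translation for the replies, so no separate SNAT is needed for them.
  $IPT -t nat -A PREROUTING -i "$OUT_INFC" -s "$PUB_IP" -d "$OUTIP" \
       -j DNAT --to-destination "$NET_IP1"
  # Connections the internal host initiates leave with the router's public
  # address as source, so the public host never sees a 192.168.9.x address.
  $IPT -t nat -A POSTROUTING -o "$OUT_INFC" -s "$NET_IP1" -d "$PUB_IP" \
       -j SNAT --to-source "$OUTIP"
}

filter_rules() {
  # Default deny on FORWARD; allow tracked replies and only this host pair.
  $IPT -P FORWARD DROP
  $IPT -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
  $IPT -A FORWARD -i "$OUT_INFC" -o "$IN_INFC" -s "$PUB_IP" -d "$NET_IP1" \
       -m state --state NEW -j ACCEPT
  $IPT -A FORWARD -i "$IN_INFC" -o "$OUT_INFC" -s "$NET_IP1" -d "$PUB_IP" \
       -m state --state NEW -j ACCEPT
}

# A router needs exactly one default route; count them in `route -n` /
# `netstat -rn` style output (passed as one string) to spot odd tables.
count_default_routes() {
  printf '%s\n' "$1" | grep -c '^default ' || true
}

apply_all() { enable_forwarding; nat_rules; filter_rules; }

# Only apply when explicitly asked:  sh rc.my.iptables apply  (as root).
case "${1:-}" in apply) apply_all ;; esac
```

Running the script with `IPT=echo SYSCTL=echo sh rc.my.iptables apply` prints the generated commands so they can be checked against the routing table before touching the live firewall.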

