Hello, I have an embedded device (router) with 3 ethernet interfaces; eth0 (192.168.0.1), eth1 (192.168.1.1) and eth2 (192.168.2.1). On it runs ssh server and it is also the default gateway for 192.168.1.0/24 and 192.168.2.0/24 . I do NAT with the following command iptables -t nat -A PREROUTING -d 192.168.0.1 -p tcp --dport 22 -j DNAT --to-destination 192.168.2.2 If I ssh through eth0 (from 192.168.0.3) this gets me to 192.168.2.2 as expected. But if I ssh through eth1 (from 192.168.1.3) to IP 192.168.0.1, I connect to router, meaning there is no DNAT in effect. Is this the intended behaviour? If so, please explain why. The problem here is that I would like to still be able to connect to router directly through eth1 to its 192.168.1.1 address, but connect to 192.168.2.2 if I use the 192.168.0.1 address. Thanks in advance and best regards, Blaz -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
