> # Redirecciono el puerto de las publicas a la privada > iptables -A PREROUTING -t nat -p tcp -i eth2 --dport > 3389 -j > DNAT --to 192.168.0.118:3389 > iptables -A PREROUTING -t nat -p tcp -i eth1 --dport > 3389 -j > DNAT --to 192.168.0.118:3389 > #iptables -A PREROUTING -t nat -p tcp --dport 3389 -j > DNAT --to 192.168.0.118:3389 > #iptables -A PREROUTING -t nat -p tcp --dport 6000 -j > DNAT --to 192.168.0.118:6666 > > When I try to connect from outside to each of my isps, for example ono, > I > see packets entering eth2 and then > going out eth2 immediately without being routed to eth0. > I see dnat has changed the destination ip so packets go out eth2 having > the > source ip from which I'm connecting from (not the ip of the adapter) > and > destination ip 192.168.0.118 (the internal server) but through the > wrong > interface. > These packets should have being sent by eth0 and not eth2. If I connect > to > the other isp, neo, it's the same but packets going out eth1 > instead of eth0. > Any suggestions? Yes, as per the email of a different subject 7 days ago, assign two IP's to the terminal server, route incoming IP on eth1 to IP 1 and incoming IP on eth2 to IP 2. This will simplify the SNAT and use the MARK's that you have set. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
