Re: Port forwarding with iptables on tunnel interface

Guido Trentalancia wrote:
> Hello !
> 
> I have the following problem. I need to forward/redirect all connections
> to port 25 (smtp) from one host (192.168.3.64) to another host on the
> same network (192.168.3.69).
> 
> I am using the following iptables rules:
> 
> -A PREROUTING -p tcp --dport 25 -j DNAT --to-destination 192.168.3.69
> -A POSTROUTING -p tcp -d 192.168.1.65 --dport 25 -j MASQUERADE
> 
> and I have also tried the following alternative rules:
> 
> -A PREROUTING -p tcp --dport 25 -j DNAT --to-destination 192.168.3.69
> -A POSTROUTING -p tcp -d 192.168.1.65 --dport 25 -j SNAT --to-source
> 192.168.3.64
> 
> The connections come from an IP-IP tunnel and they are allowed by the
> following iptables rules:
> 
> -A INPUT -p 4 -i eth0 -j ACCEPT
> -A OUTPUT -p 4 -o eth0 -j ACCEPT
> 
> It used to work until a few days ago. But now it only works from within
> the LAN and not from the tunnel. I have not changed any iptables rules
> and I have only upgraded the system to the latest kernel (2.6.32.8).
> 
> The version of iptables that I am using is 1.4.3.1.
> 
> Any idea on how to get it back working ?

Try logging the packets coming out of the tunnel to see what's wrong.
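One way to do the logging suggested in the reply, as an added example that is not part of the thread: the script prints iptables LOG rules for each stage a tunnelled SMTP packet passes through, so the last prefix seen in the kernel log shows where packets stop. The function name `smtp_trace_rules` and the tunnel interface name `tunl0` are assumptions; the addresses, port and `eth0` come from the original post.

```shell
#!/bin/sh
# Added example, not from the thread. It only PRINTS iptables commands:
# review them, then pipe the output to "sh" as root. Matches show up in
# the kernel log (dmesg / syslog) with the prefixes used below.
#
# smtp_trace_rules ACTION TUN_IF NEW_DST   (hypothetical helper)
#   ACTION   -I to insert the LOG rules on top, -D to remove them again
#   TUN_IF   IP-IP tunnel interface name (assumption, not given in the post)
#   NEW_DST  the DNAT target from the original post
smtp_trace_rules() {
    act=$1 tun=$2 dst=$3
    lim='-m limit --limit 10/second'    # keep the kernel log readable

    # 1. Encapsulated (IP protocol 4) packets arriving on eth0.
    echo "iptables -t filter $act INPUT -i eth0 -p 4 $lim -j LOG --log-prefix 'ipip-outer: '"

    # 2. Decapsulated packets re-entering the stack on the tunnel interface.
    #    mangle PREROUTING runs before nat PREROUTING and, unlike the nat
    #    table, sees every packet rather than only the first of a connection.
    echo "iptables -t mangle $act PREROUTING -i $tun -p tcp --dport 25 $lim -j LOG --log-prefix 'smtp-pre: '"

    # 3. Still delivered locally after nat PREROUTING: the DNAT rule did not match.
    echo "iptables -t filter $act INPUT -i $tun -p tcp --dport 25 $lim -j LOG --log-prefix 'smtp-no-dnat: '"

    # 4. Destination rewritten, packet is being routed on to the new host.
    echo "iptables -t filter $act FORWARD -i $tun -p tcp -d $dst --dport 25 $lim -j LOG --log-prefix 'smtp-fwd: '"

    # 5. Last hook before the packet leaves (before nat POSTROUTING rewrites the source).
    echo "iptables -t mangle $act POSTROUTING -p tcp -d $dst --dport 25 $lim -j LOG --log-prefix 'smtp-post: '"
}

# Defaults: insert rules, tunnel interface tunl0 (assumed), DNAT target from the post.
smtp_trace_rules "${1:--I}" "${2:-tunl0}" "${3:-192.168.3.69}"
```

Run the script again with `-D` as the first argument to print the matching delete commands once the test is done.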
