> > So, here are the rules again. > > > > iptables -t nat -A PREROUTING -i eth1 -s > > 192.168.10.0/24 > > -p tcp --dport 80 -j REDIRECT --to-port 8080 > > > > iptables -t filter -A FORWARD -i eth1 -s > > 192.168.10.0/24 > > -p tcp --dport 80 -j ACCEPT > it's meant 80 or 8080? i was try with 80 & 8080 but no > different. it means port 80. NOT port 8080. it says forward all traffic destined to port 80. anyway, What about uotput rules in your firewall. do you have something like this. iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT iptables -t nat -A POSTROUTING -o eth0 -s 192.168.10.0/24 -j SNAT --to-source externalipofirewall pls add above SNAT rule and change externalipofirewall to your external ip adress 192.168.10.10 is the Local ip of your firewall. it should be your gateway off all clients. and also add dns entries to your clients pcs. then, try it again. GOOD LUCK > > > iptables -A INPUT -i eth1 -d 192.168.10.10 -p tcp -s > > 192.168.10.0/24 --dport 8080 -j ACCEPT > > another url -- Thank you Indunil Jayasooriya