no, it did not work.. could there be some settings in /proc/ who denies portforwarding?
or maybee some problems with the 2.4.5 kernel? anders # -----Original Message----- # From: Joe Ellis [mailto:[EMAIL PROTECTED] # Sent: 6. desember 2001 20:50 # To: Anders Gj�re # Subject: Re: DMZ-firewall # # # try: # iptables -t nat -A PREROUTING -p tcp -d $EXTMAILIP --dport # 110 -j DNAT # --to-destination 192.168.10.10 # # # i don't think you need the :110 to tell it which port to # goto. once the # packet is routed to 192.168.10.10, it is up to that machine # to do what # it wants. # # # # # Anders Gj�re wrote: # # > hi. # > # > i have a firewall with 5 nic's # > # > it is firewalling some machines on 2 of the nic's, but now # im setting up # > a new mailserver and webserver. # > # > these should have local ip's, and here is where my problems starts. # > # > ive tried a lot of examples and read a lot of howtos, but # with no luck. # > # > iptables -t nat -A PREROUTING -p tcp -d $EXTMAILIP --dport # 110 -j DNAT # > --to-destination 192.168.10.10:110 # > # > and i dont get any output from logging packets, # > # > $IPTABLES -A FORWARD -j LOG # > $IPTABLES -A FORWARD -m limit --limit 3/minute # --limit-burst 3 -j LOG \ # > --log-level DEBUG --log-prefix "IPT FORWARD packet died: " # > # > # > # > # > --_ # > anders gj�re # > +47 414 22 934 # > # > # > # # # -- # Joe Ellis # http://www.lithodyne.net # #
