try something like this $IPTABLES -A POSTROUTING -i $EXTDEV -o $INTDEV -p tcp --dport 9090 -j DNAT --to-destination $INTIP:80
then you will also need $IPTABLES -A FORWARD -p tcp --dport 80 to allow conenctions to port 80 on your internal box. Something like those lines is what i believe you are looking for hope that helps --- Aaron <[EMAIL PROTECTED]> wrote: > Firewall experts, > > Despite searching all of the list archives, I > couldn't come up with a possible solution to this > issue. > > What I would like to do is accept connections from > my external interface on port 9090 and redirect them > to port 80. I do not want connections to port 80 > accepted from outside at all. > > I've read the HOWTOs and the tutorials and I was > satisfied that this recipe might work: > > $IPTABLES -t nat -A PREROUTING -p tcp --dport 9090 \ > -j REDIRECT --to-ports 80 > > But alas, it doesn't seem to. Then it occurred to me > that since the default target of my INPUT chain is > REJECT, that I might need to explicitly accept the > packets that are (now) destined for port 80. But > this produces another problem, which is that I don't > want to accept packets inbound on port 80, I only > want to accept the ones that have been redirected to > port 80. > > How can I set this up? Thanks a lot! > > -- > Aaron Bieber > - > Graphic Design // Web Design > http://www.core-dev.com/ > [EMAIL PROTECTED] > > > -- > To UNSUBSCRIBE, email to > [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > __________________________________ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com
