try these:

# Windhoos Terminal Server
$IPTABLESCMD -t nat -A PREROUTING -p tcp --dport 3389 -i $EXTIF -j DNAT --to 10.0.0.2:3389
$IPTABLESCMD -A FORWARD -i $EXTIF -o $INTIF -p tcp --dport 3389 -d 10.0.0.2 -j ACCEPT

these MUST work, because they work here.
first make the prerouting actually work (e.g. the port mapping) and then allow it in the forward chain (not entirely nec. if the default policy is drop in forward, but this is at least at my config the situation...)

hope it will work now
otherwise, please post your entire firewall script

have a good day

jaap crezee

Jack Bowling wrote:
> ** Reply to message from Stewart Thomspon <[EMAIL PROTECTED]> on Sun, 07
> Apr 2002 21:36:57 -0700
>
>>Hi Ian:
>>
>> I am having the same problems with DNAT and forwarding. So, if you find a
>>solution I would like to hear about it.
>>I am using Redhat 7.2 Kernel 2.4.9-31 iptables 2.4.9-31 with the following
>>lines in my firewall script. These are the first rules
>>and all the remaining rules follow them.
>>
>>iptables -t nat -A PREROUTING -i EXTIF -s $ANYWHERE \
>> -p tcp -d $EXTIP --dport 23 -j DNAT --to $TELNET
>
> Stew - Perhaps it is just syntax. Try "--to-destination $TELNET" instead of the
> short version and see if it works.
>
> jb
>

--
Kind regards,

Jaap Crezee
Tel: +31(0)6 1066 27 97
Msn: [EMAIL PROTECTED]
Icq: 85373921
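
The pairing described in the message above (a DNAT rule in PREROUTING plus a FORWARD rule for the translated address and port) can be checked over a firewall script before it is loaded. This is an added example, not part of the original thread; the interface names, the 10.0.0.3 host and the function names are assumptions.

```python
import shlex

# Constructed sample: the message's two rules with variables expanded (eth0/eth1 are
# assumed interface names), plus a telnet DNAT to an assumed host with no FORWARD rule.
SAMPLE = """\
iptables -t nat -A PREROUTING -p tcp --dport 3389 -i eth0 -j DNAT --to 10.0.0.2:3389
iptables -A FORWARD -i eth0 -o eth1 -p tcp --dport 3389 -d 10.0.0.2 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 23 \\
    -j DNAT --to-destination 10.0.0.3:23
"""

FLAGS = {"-t": "table", "-A": "chain", "-p": "proto", "-i": "in", "-d": "dst",
         "-j": "target", "--dport": "dport", "--to": "to", "--to-destination": "to"}

def parse_rule(line):
    """Return the options of one iptables command as a dict, or None for other lines."""
    tokens = shlex.split(line, comments=True)
    if not tokens or "iptables" not in tokens[0].lower():
        return None
    rule = {"table": "filter"}  # iptables uses the filter table when -t is absent
    for flag, value in zip(tokens[1:], tokens[2:]):
        if flag in FLAGS:
            rule[FLAGS[flag]] = value
    return rule

def allows(fwd, key, want):
    """A FORWARD option that is absent matches anything; otherwise compare exactly."""
    return want is None or fwd.get(key, want) == want

def unmatched_dnat(script):
    """List DNAT targets (host:port) with no FORWARD ACCEPT rule that matches them."""
    # Exact matches only: CIDR ranges, port ranges, rule order and earlier DROP
    # rules are not evaluated, so treat a hit as a rule to review by hand.
    lines = script.replace("\\\n", " ").splitlines()
    rules = [r for r in map(parse_rule, lines) if r]
    forwards = [r for r in rules if r["table"] == "filter"
                and r.get("chain") == "FORWARD" and r.get("target") == "ACCEPT"]
    missing = []
    for r in rules:
        if (r["table"], r.get("chain"), r.get("target")) != ("nat", "PREROUTING", "DNAT"):
            continue
        host, _, port = r.get("to", "").partition(":")
        port = port or r.get("dport")  # --to without a port keeps the original one
        want = {"dst": host, "dport": port, "proto": r.get("proto"), "in": r.get("in")}
        if not any(all(allows(f, k, v) for k, v in want.items()) for f in forwards):
            missing.append(f"{host}:{port}")
    return missing
```

`unmatched_dnat(SAMPLE)` reports the telnet mapping, which has no FORWARD rule; lines that still use shell variables such as `$EXTIF` are compared as literal strings.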
