On Thu, Jan 03, 2002 at 09:23:52AM +1100, George Vieira wrote:
> I've figured out how to SNAT and DNAT thanks to the help from the previous
> post and SLUGGERS who explained it a bit better than the man pages.
> My problem now is that I have rules (as below) which allow incoming ports
> for TCP, and anything else should be dropped or rejected (-P INPUT DROP).
> My problem is that the remote site receives a "telnet: Unable to connect to
> remote host: No route to host" instead of just a TimeOut type of message
> when attempting to test a port (ie telnet).

Probably no help to you but...

I had a similar thing where people couldn't get to my webserver from outside yet I could from inside and I was allowing port 80 etc. Telnet from outside in showed the same messages about no route to host.

I discovered (or deduced) that it was due to dingo/optus blocking inbound port 80 (and 25 and maybe others). Running my webserver on a different port works fine.

Maybe just something to check - that your upstream provider isn't blocking or doing strange routing things to you.

Dave.

--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
