Everything appears to work except for some log messages that I'm getting down below.
Does anyone know what causes these to happen? ".254" is the firewall, ".3" is a SNAT/DNAT server and ".1" is a MASQUERADED server. Is the way I've done it below incorrect? Should I put rules for ESTABLISHED,RELATED?

"Jan 4 13:19:03 firewall kernel: NAT: 3 dropping untracked packet c68c4220 1 192.168.0.254 -> 192.168.0.1"
$IPTABLES -A POSTROUTING -o $EXTDEV -t nat -s $SERVERINT -j MASQUERADE

"Jan 4 13:19:03 firewall kernel: NAT: 3 dropping untracked packet c304ed40 1 192.168.0.254 -> 192.168.0.3"
$IPTABLES -A POSTROUTING -o $EXTDEV -t nat -s $WWWINT -j SNAT --to $WWWEXT

# Mangle: internal users to internal WWW server
$IPTABLES -A PREROUTING -i $INTDEV -t nat -p tcp -d $WWWEXT --dport 80 -j DNAT --to $WWWINT
$IPTABLES -A POSTROUTING -o $INTDEV -t nat -p tcp -d $WWWINT --dport 80 -s $INTSN -j SNAT --to $FIREWALLINT

# Other external Services
$IPTABLES -A PREROUTING -i $EXTDEV -t nat -p tcp -d $WWWEXT --dport 80 -j DNAT --to $WWWINT
$IPTABLES -A PREROUTING -i $EXTDEV -t nat -p tcp -d $WWWEXT ! --syn -j DNAT --to $WWWINT

thanks,
George Vieira
Systems Manager
Citadel Computer Systems P/L

--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
