hi all, i've DNATed a ssh client(192.168.10.188) connection from port 8100 of ext_server(192.168.10.189 ext; 192.169.20.108 int ) to port 22 of int_server (192.169.20.111)
with the rules listed below there's no connection between client and int_server. i can make it only with ACCEPT instead of RETURN in tcp_inbound_db.

the rules of int_server follow. INPUT, OUTPUT, FORWARD policy is DROP

Chain tcp_inbound_db (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  192.169.20.108       192.169.20.111      tcp dpt:22
ACCEPT     tcp  --  192.168.10.189       192.169.20.111      tcp dpt:22
RETURN     tcp  --  0.0.0.0/0            0.0.0.0/0

Chain tcp_outbound_db (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            192.168.10.188      tcp spt:22
ACCEPT     tcp  --  0.0.0.0/0            192.169.20.108      tcp spt:22
RETURN     tcp  --  0.0.0.0/0            0.0.0.0/0

any ideas please?
thanks a lot in advance

lore
--
Pino Maiuli Crew
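Added example, not part of the original post: a first-match evaluation of the posted tcp_inbound_db chain for the source address int_server sees. DNAT rewrites only the destination, so without SNAT/MASQUERADE on ext_server the packet still carries the client's address. The helper names are hypothetical, and it assumes that INPUT has no later rule accepting the packet after the RETURN, so the DROP policy decides.

```python
import ipaddress

# Transcribed from the post's tcp_inbound_db chain:
# (target, source, destination, destination port or None for "any")
TCP_INBOUND_DB = [
    ("ACCEPT", "192.169.20.108", "192.169.20.111", 22),
    ("ACCEPT", "192.168.10.189", "192.169.20.111", 22),
    ("RETURN", "0.0.0.0/0", "0.0.0.0/0", None),
]
INPUT_POLICY = "DROP"  # stated in the post


def matches(rule, pkt):
    """True when source, destination and port of pkt all match the rule."""
    _, src, dst, dport = rule
    return (ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(src)
            and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(dst)
            and (dport is None or dport == pkt["dport"]))


def verdict(chain, pkt, policy=INPUT_POLICY):
    """Return (final verdict, number of the rule that matched).

    The first matching rule wins. RETURN hands the packet back to the
    calling chain; by assumption nothing there accepts it, so the
    built-in chain's policy applies.
    """
    for index, rule in enumerate(chain, start=1):
        if matches(rule, pkt):
            target = rule[0]
            return (policy if target == "RETURN" else target), index
    return policy, None


def packet_at_int_server(src):
    """Constructed sample packet: SSH to int_server from the given source."""
    return {"src": src, "dst": "192.169.20.111", "dport": 22}


if __name__ == "__main__":
    # DNAT only: source is still the client, 192.168.10.188
    print(verdict(TCP_INBOUND_DB, packet_at_int_server("192.168.10.188")))
    # If ext_server also rewrote the source to its internal address
    print(verdict(TCP_INBOUND_DB, packet_at_int_server("192.169.20.108")))
```

The client's address matches neither ACCEPT rule and falls through to RETURN, which is consistent with the connection working only when that last rule is changed to ACCEPT.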
