Re: DMZ to DMT through ROUTER problem !

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thursday 20 May 2004 6:34 pm, Antony Stone wrote:

> On Thursday 20 May 2004 5:32 pm, O-Zone wrote:
> >
> > $IPTABLES -t nat -A PREROUTING -p TCP -i $INET_IFACE -d $SIENA_IP -m
> > multiport - --dports 25,53,80,110 -j DNAT --to-destinati$
> > $IPTABLES -t nat -A PREROUTING -p UDP -i $INET_IFACE -d $SIENA_IP -m
> > multiport - --dports 53 -j DNAT --to-destination $DMZ_SI$
>
> Your PREROUTING DNAT rules specify the input interface (-i $INET_IFACE),
> therefore they do not apply to packets arriving on any other interface.

The same applies to your FORWARDing rules as well, by the way, so these will 
need changing before the packets can get through your firewall to their 
destination.

Regards,

Antony.

-- 
People who use Microsoft software should be certified.

                                                     Please reply to the list;
                                                           please don't CC me.



[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux