[WBEL-users] OT iptables DNAT forwarding

Daniel T. Gynn dan.gynn@essensys.com
Fri, 27 Feb 2004 10:13:50 -0500


Thanks Lamar, that is exactly it.  If the route isn't going to take it
back through the box that is routing, then you have to add a POSTROUTING
entry as well.

On Fri, 2004-02-27 at 00:33, Lamar Owen wrote:
> On Thursday 26 February 2004 12:52 pm, Daniel T. Gynn wrote:
> > $IPTABLES -A PREROUTING -t nat -p tcp --dport 110 -j DNAT --to $POP3
> > $IPTABLES -A FORWARD -p tcp --dport pop3 -j ACCEPT
>
> Run ethereal on it and trace the three-way TCP handshake.  If the return
> packet isn't from the right IP, then this could be a problem.  If that's the
> case, you need a SNAT rule in POSTROUTING of the nat table to handle that
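
The handshake failure discussed in this thread, as an added example that is not part of the original messages: a toy Python model of DNAT with and without SNAT when the server's reply does not route back through the NAT box. The addresses, the client port, and the names `NatBox` and `handshake` are assumptions made up for illustration; only port 110 comes from the thread.

```python
from dataclasses import dataclass

# Constructed addresses for illustration; only port 110 comes from the thread.
CLIENT, NAT_BOX, POP3 = "192.168.1.50", "192.168.1.1", "192.168.1.10"

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    flags: str

class NatBox:
    """Toy model of the nat table: DNAT in PREROUTING, optional SNAT in POSTROUTING."""
    def __init__(self, snat):
        self.snat = snat
        self.conntrack = {}  # expected reply (src, sport, dst, dport) -> original (dst, src)

    def forward(self, pkt):
        # DNAT rewrites the destination; SNAT (if enabled) also rewrites the source.
        out_src = NAT_BOX if self.snat else pkt.src
        out = Packet(out_src, POP3, pkt.sport, pkt.dport, pkt.flags)
        self.conntrack[(out.dst, out.dport, out.src, out.sport)] = (pkt.dst, pkt.src)
        return out

    def reverse(self, pkt):
        # Connection tracking undoes both translations on the reply.
        orig_dst, orig_src = self.conntrack[(pkt.src, pkt.sport, pkt.dst, pkt.dport)]
        return Packet(orig_dst, orig_src, pkt.sport, pkt.dport, pkt.flags)

def handshake(snat, return_via_nat_box):
    """Return (client_accepts, source address of the SYN-ACK the client sees)."""
    nat = NatBox(snat)
    syn = Packet(CLIENT, NAT_BOX, 40000, 110, "SYN")
    at_server = nat.forward(syn)
    synack = Packet(POP3, at_server.src, 110, at_server.sport, "SYN-ACK")
    # The reply crosses the NAT box if addressed to it, or if routing sends it that way.
    if synack.dst == NAT_BOX or return_via_nat_box:
        synack = nat.reverse(synack)
    # The client only matches a SYN-ACK coming from the address it sent the SYN to.
    return synack.src == syn.dst, synack.src

if __name__ == "__main__":
    for snat, via in [(False, False), (True, False), (False, True)]:
        print(f"snat={snat} return_via_nat_box={via} ->", handshake(snat, via))
```

In a packet capture, the failing case shows up as a SYN-ACK whose source is the POP3 server's own address rather than the address the client connected to.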