-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday 31 December 2002 07:57, Alex Malinovich wrote: > Here's the rule that I'm using (as spit out by iptables-save): > > -A PREROUTING -d 208.163.68.11 -p tcp -m tcp --dport 6346 -j DNAT > --to-destination 192.168.0.8:6346
Perhaps try to do filtering not based on destination address but on source address. I'm using something like this for my forwarding and it used to work: - -A PREROUTING -s ! 192.168.1.0/255.255.255.0 -p tcp -m tcp --dport 6346 - -j DNAT --to-destination 192.168.1.11:6346 Just substitute your internal network(s). - -- Embedded Linux -- True multitasking! TWO TOASTS AT THE SAME TIME! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (GNU/Linux) iD8DBQE+EZgueOF0+zcVdv8RAiIVAJ9GgSN4sRamovuqsGsWeOUGkMiAhACfY3gf XBXKc6Jk5mLymfG35I5ToMQ= =dPw1 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
