On Mon, Dec 31, 2001 at 07:29:54PM +0930, Paul Campbell wrote:
> Hi all,
> just a few questions regarding PREROUTING and DNAT
> 
> I have a working firewall that MASQUERADES but I seem to be getting
> conflicting info with the PREROUTING chain

Could you be a little more specific? What conflicts where, and what 
behavior are you getting?

> One howto mentions that each PREROUTING rule must have a corresponding
> FORWARD rule.
 
Right. You apply DNAT before a packet ever sees a forward table, so you
forward to the internal machine.
 
> Another mentions something about ipnatctl table handling the NAT side of
> things
 
I'm not so sure about this. I've done both DNAT and SNAT without ever
touching ipnatctl. There is an outdated ipnatctl HOWTO at
http://www.linuxguruz.org/iptables/howto/ipnatctl-HOWTO.html.
Maybe ipnatctl went away at some point? From the HOWTO, it looks like it
does/did the NAT functions that iptables does.
 
> Rusty's howto mentions DNAT and I have made a few rules to allow MSN Gaming
> Zone to be DNAT'ed to a WIN 98 m/c. All modules seem to have been loaded.
> If someone can help it would be greatly appreciated. Please find attached
> rc.firewall script.....I have commented out a lot of rules until I can get
> the PREROUTING working....
> 
> When I do an iptables -L the nat table doesn't show up.....thanks in advance
> 
Try `iptables -t nat -vn -L`. The -t nat should be obvious, the v is verbose
(gives you better interface info), and the n disables DNS lookups.

HTH - Jeff

-- 



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
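
The reply above says each DNAT rule in PREROUTING needs a corresponding FORWARD rule, because the packet reaches the FORWARD chain with its destination already rewritten. The following check is an added example, not part of the original thread: it reads `iptables-save` output and lists DNAT rules whose translated destination no FORWARD ACCEPT rule admits. The sample ruleset and the function names are constructed for illustration; the check assumes single ports and ignores negated matches, rule order and chain policy.

```python
import ipaddress
import shlex

# Constructed, trimmed iptables-save output; interfaces, addresses and ports are illustrative.
SAMPLE = """\
*nat
-A PREROUTING -i eth0 -p tcp -m tcp --dport 6667 -j DNAT --to-destination 192.168.0.10:6667
-A PREROUTING -i eth0 -p udp -m udp --dport 6073 -j DNAT --to-destination 192.168.0.10:6073
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -d 192.168.0.10/32 -i eth0 -p tcp -m tcp --dport 6667 -j ACCEPT
COMMIT
"""

def rules(dump, table, chain):
    """Return the rules appended to `chain` in `table`, each as a token list."""
    current, out = None, []
    for line in dump.splitlines():
        if line.startswith("*"):
            current = line[1:].strip()
        elif current == table and line.startswith(f"-A {chain} "):
            out.append(shlex.split(line))
    return out

def opt(rule, flag):
    """Value following `flag` in a rule, or None when the rule does not use it."""
    return rule[rule.index(flag) + 1] if flag in rule else None

def admits(fwd, dnat):
    """True if FORWARD rule `fwd` accepts the first packet of a flow rewritten by `dnat`."""
    ip, _, port = opt(dnat, "--to-destination").partition(":")
    port = port or opt(dnat, "--dport")  # without a port in the target, the port is unchanged
    state = opt(fwd, "--state") or opt(fwd, "--ctstate")
    dst, (lo, _, hi) = opt(fwd, "-d"), (opt(fwd, "--dport") or "").partition(":")
    return (opt(fwd, "-j") == "ACCEPT"
            and (state is None or "NEW" in state.split(","))  # ESTABLISHED-only rules never see it
            and opt(fwd, "-i") in (None, opt(dnat, "-i"))
            and opt(fwd, "-p") in (None, opt(dnat, "-p"))
            and (dst is None or ipaddress.ip_address(ip) in ipaddress.ip_network(dst, strict=False))
            and (not lo or (port is not None and int(lo) <= int(port) <= int(hi or lo))))

def unforwarded_dnat(dump):
    """DNAT rules in nat/PREROUTING that no filter/FORWARD ACCEPT rule admits."""
    fwd = rules(dump, "filter", "FORWARD")
    return [" ".join(d) for d in rules(dump, "nat", "PREROUTING")
            if opt(d, "-j") == "DNAT" and not any(admits(f, d) for f in fwd)]
```

On a live system the input would be the text printed by `iptables-save`; with the constructed sample, `unforwarded_dnat(SAMPLE)` reports only the UDP rule, since the TCP one has a matching FORWARD entry.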
