[Shorewall-newbies] DNAT problem

Helio L. Filho heliolino at uol.com.br
Sun Feb 22 19:39:06 PST 2004


	
 I have a problem using DNAT rule : 
    I'm trying to routing a request on port 9000 in the firewall and send to 
an internal host on port 80 . 

the rule i've set 

ACCEPT net fw tcp 9000
ACCEPT net loc:192.168.1.40   tcp     www

DNAT net    loc:192.168.1.40    tcp     80     9000   200.221.x.x 
what's wrong ? i cannot be conected from external word . !! 



but if i use the following rule at the prompt 
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 9000 -j DNAT --to 
192.168.1.40:80  it's work fine !!!    



More information about the Shorewall-newbies mailing list