[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Can't get DNAT to port forward SSH

>>>>> "JB" == Jim Breton <vader@conflict.net> writes:
    JB>  Please refer to my first reply in this thread, I have copied
    JB> the significant portion below.
    JB> 
    JB> Even if you add the rule you show above, its placement in the
    JB> ruleset is important.  If it comes _after_ the rule I mention
    JB> below, it's not going to do any good because the first one to
    JB> match the packet is going to be the only one that matters.
    JB> 

Your point is taken. I changed the 'placement' of the rules so that the
DNAT rule(s) were before the other rules. Still, I am getting the same
results. Forwarding SSH to one of my internal machines doesn't work at
all. I even removed the following rule:

$IPTABLES -A FORWARD -i eth0 -m state --state NEW,INVALID -j DROP

but that didn't make any difference.

-- 
Salman Ahmed
ssahmed AT pathcom DOT com
Reply to: