Received: with ECARTIS (v1.0.0; list netdev); Sat, 26 Mar 2005 09:30:08 -0800 (PST) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.202]) by oss.sgi.com (8.13.0/8.13.0) with ESMTP id j2QHU3Eg006596 for ; Sat, 26 Mar 2005 09:30:03 -0800 Received: by rproxy.gmail.com with SMTP id c51so973674rne for ; Sat, 26 Mar 2005 09:30:02 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding; b=Z+I9pDvEaIyR4FT053WErDhhinGO2Sr4Ttol5zNcwp7RUqV3C6NNIij7Emn2HvvPYHIW7i2742pGsXRWP6d9yRZULip36llipYBfJ0xUk/OygwuP55ckS3Qpvy/dRj/pJhmYROjlCSBnHrWUdGHIE49mvA6uNxGrGFqc7QvgVOo= Received: by 10.38.126.32 with SMTP id y32mr1141208rnc; Sat, 26 Mar 2005 09:30:02 -0800 (PST) Received: by 10.38.101.42 with HTTP; Sat, 26 Mar 2005 09:30:02 -0800 (PST) Message-ID: <43c5e5aa0503260930732eb697@mail.gmail.com> Date: Sat, 26 Mar 2005 22:00:02 +0430 From: amir_sarbazi Reply-To: backslash46@yahoo.com To: netdev@oss.sgi.com Subject: iptables-problem Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV 0.83/789/Fri Mar 25 21:33:13 2005 on oss.sgi.com X-Virus-Status: Clean X-archive-position: 744 X-ecartis-version: Ecartis v1.0.0 Sender: netdev-bounce@oss.sgi.com Errors-to: netdev-bounce@oss.sgi.com X-original-sender: amir.sarbazi@gmail.com Precedence: bulk X-list: netdev Content-Length: 633 Lines: 25 Hi all I have a Lan with range IP:192.168.1.0/24 that 192.168.1.3 is my webserver. & have a firewall with 2 eth (eth0:192.168.1.2) & (eth1:217.218.68.20) . I want when firewall get web request packet with eth1 then give it to eth0 & eth0 send packet to 192.168.1.3:80. I used these iptables that SNAT didn't work(Bad argument): iptables -A PREROUTING -t nat -p tcp -d 217.218.68.20 --dport 80 -j SNAT --to 192.168.1.2:80 or(--to-source 192.168.1.3:80) But DNAT is working good: iptables -A PREROUTING -t nat -p tcp -d 217.218.68.20 --dport 80 -j DNAT --to 192.168.1.3 with regards. amir sarbazi