    iptables forwarding question

    I have set up most of my iptables rules without a problem and they all seem to work fine, except one. The one I am having a problem with is forwarding local traffic heading for our external IP address back to an internal server (port 80). Whatever I do, the connection just dies on me. However, when connecting from an external location everything works fine and my request is forwarded to the internal web server. Any ideas?

    If I understand your problem I would guess you're probably only translating the traffic one way. Here's what I think you're trying to do (with made up numbers):

    external ip
    Lan with ips
    Web server ip
    (web server on your internal network)

    web server resolves to even for inside.

    The rules I would use are:

    iptables -t nat -A PREROUTING -s -d --destination-port 80 -j DNAT --to-destination

    iptables -t nat -A POSTROUTING -s -d --destination-port 80 -j SNAT --to-source

    I didn't actually test these but if you got as far as you did you should see what I'm getting at. The packets from the web server need to go back through the gateway rather than directly to the lan computer because as far as the lan computer is concerned it's talking to not

    Hopefully I haven't assumed too much about your setup and this will be of some use.
    Jonathan, you described the problem right. Let me try this out tonight and I will get back to you on how it turned out... Thanks.

    This worked just about flawlessly... I just had to specify TCP as the protocol for it to work. Thanks so much for your help!

    Oops, yeah, you need to specify the protocol any time you specify a port. Serves me right for not even checking the syntax before typing them out.

    Glad to hear you got it working.
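    An added example, not posted by anyone in this thread, that writes out the complete hairpin-NAT rule set Jonathan's answer describes, with the "-p tcp" the later replies say was missing. The addresses (203.0.113.10, 192.168.1.0/24, 192.168.1.80, 192.168.1.1) are placeholders standing in for the thread's made-up numbers; SNAT-ing to the gateway's own LAN address and the two FORWARD accepts are my assumptions about a typical gateway, not something the thread states. The function prints the commands rather than running them, so the output can be reviewed and then piped to sh as root.

```shell
#!/bin/sh
# Added example (not from the thread). Prints hairpin-NAT rules so that LAN
# clients connecting to the public address reach the internal web server and
# replies come back through the gateway. Addresses are placeholders.
EXT_IP="${EXT_IP:-203.0.113.10}"        # placeholder: public address on the gateway
LAN_NET="${LAN_NET:-192.168.1.0/24}"    # placeholder: internal subnet
WEB_IP="${WEB_IP:-192.168.1.80}"        # placeholder: internal web server
GW_LAN_IP="${GW_LAN_IP:-192.168.1.1}"   # placeholder (assumption): gateway's LAN address
PORT="${PORT:-80}"

# Emit the rules as text. Apply with:  hairpin_nat_rules | sudo sh
hairpin_nat_rules() {
    # 1. DNAT: LAN traffic aimed at the public IP is redirected to the web server.
    #    "-p tcp" is required whenever a port match (--dport) is used.
    echo "iptables -t nat -A PREROUTING -p tcp -s $LAN_NET -d $EXT_IP --dport $PORT -j DNAT --to-destination $WEB_IP"
    # 2. SNAT: make the server see the gateway as the client, so its replies go
    #    back through the gateway, which un-NATs them. Without this the server
    #    answers the LAN client directly from $WEB_IP, the client expected a
    #    reply from $EXT_IP, and the connection dies (the symptom in the question).
    echo "iptables -t nat -A POSTROUTING -p tcp -s $LAN_NET -d $WEB_IP --dport $PORT -j SNAT --to-source $GW_LAN_IP"
    # 3. Filter table: let the translated flow through if FORWARD's policy is DROP
    #    (assumption about the gateway's filter setup; harmless if it is ACCEPT).
    echo "iptables -A FORWARD -p tcp -s $LAN_NET -d $WEB_IP --dport $PORT -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A FORWARD -p tcp -s $WEB_IP --sport $PORT -d $LAN_NET -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
}

# Sanity check for the mistake in the thread: every rule that names a port
# (--dport/--sport) must also name a protocol. Succeeds only if none is missing it.
rules_name_protocol() {
    ! hairpin_nat_rules | grep -e '--dport' -e '--sport' | grep -v -e '-p tcp' | grep -q .
}

# Number of rules emitted (no padding, unlike wc -l on some systems).
rule_count() {
    hairpin_nat_rules | grep -c .
}

# Run directly: show the rules and confirm the protocol check passes.
if [ "${0##*/}" = "hairpin-nat.sh" ]; then
    hairpin_nat_rules
    rules_name_protocol && echo "# all port rules specify -p tcp"
fi
```

Run it as `sh hairpin-nat.sh` to see the four commands; drop the "-p tcp" from one echo and `rules_name_protocol` fails, which is exactly the error the original rules had. Note that the SNAT rule hides the real client address from the web server's logs for hairpinned connections, which is the usual trade-off of this approach.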
