Thank you for your hint, but the command-line you told doesn't work. The system keeps complaining (unknowg arg --dport). I also tried out the long version --destination-port with the same result. I looked at the manpage and found that iptables should know this argument, so there seems to be a syntax error. Anyone has an idea what is wrong and how the correct syntax is ? thx. Stephan -----Ursprungliche Nachricht----- Von: Andreas Baetz [mailto:andreas.baetz@herma.de] Gesendet: Mittwoch, 9. Januar 2002 08:39 An: suse-security@suse.com Betreff: Re: [suse-security] Re: Masquerading unter Kernel 2.4 On Tuesday 08 January 2002 11:30, OKDesign oHG Security Administrator wrote:
And one last question (okay, at least by now *g*): How do I tell linux to forward requests to a specific port to a specific machine in the LAN ? With Kernel 2.2 I used ipmasqadm, but this order is also unknown to Kernel 2.4...
Look for DNAT in "man iptables".
On your firewall machine you could try :
"iptables -t nat -A PREROUTING -i