-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 João Reis wrote: ===
What i need now is to add a forward rule to an internal machine, if everything is ok.
How can i do this ? === I cannot comment on whether your iptables code "is OK" because I'm not familiar with the the "recent" module. But, I'm pretty sure that this is how you forward port 22 from your public-facing interface to port 22 on an internal, private machine:
$IPTABLES -t nat -A PREROUTING -i ${public_iface} -p tcp --dport 22 \ -j DNAT --to-destination ${interal_ip}:22 (Adapted from MonMotha's firewall script, <http://monmotha.mplug.org/firewall/index.php>.) - -- Bernie Hoefer PGP e-mail is welcome! Get my 1024 bit signature key from: <http://pgpkeys.mit.edu:11371/pks/lookup?op=get&search=0x446A6F93>. "The more I know, the more I realize how much I do not understand." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFCpR0PckGmqURqb5MRAkPIAJ9MgdjQ27re6IX3KPTbXivarsjeOQCfcBBA LFQ9dtEbjrz/s9TCRrUuOB0= =t+7x -----END PGP SIGNATURE-----