Hi, I agree on your resoning below. I also ran into another problem. Will your earlier suggestion work with SSL? This could look somewhat suspicious from the client side I imagine. Your suggestion was: iptables -t nat -A PREROUTING -p tcp --dport 80 -d 195.198.111.x \ -j DNAT --to-destination 65.114.4.69 iptables -t nat -A POSTROUTING -p tcp --dport 80 -d 65.114.4.69 \ -j SNAT --to-source <your external IP address on this machine> PS. In this case, 65.114.4.69, is www.dilbert.com which ofcourse is not the actual case but pure fiction and has no relevance in my actual problem. -----Ursprungligt meddelande----- Från: Andy [mailto:ag1234@xxxxxxxxx] Skickat: den 21 januari 2005 12:36 Till: fedora-list@xxxxxxxxxx Ämne: Re: SV: Port forwarding Jari Marikainen wrote: > I really want the traffic from the target (65.114.4.69) server to > reply directly to the client. We don't need/want any traffic back. Is > your suggestion still valid, or do I need to do modifications to the > lines below? Unfortunately what you say cannot be done, with linux or anything else. Why would a client accept return traffic from 65.114.4.69 when they are talking to 195.198.111.x? Maybe you need a completely different solution, like running a web-server on 195.198.111.x which gives a "301 Moved permanently" or "302 Moved temporarily" answer with an alternative url of http://65.114.4.69 Hope that helps, /Andy -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
