On 01/28/2011 01:11 AM, Jatin K wrote:
um target prot opt source destination
2 DNAT all -- 0.0.0.0/0 192.168.131.133 tcp dpt:80
to:192.168.131.131:80
This line doesn't look right. Is it doing DNAT For the host
192.168.131.133 (converting it to 192.168.131.131? This doesn't make
sense as 192.168.131.133 belongs to your internal network.
Chain POSTROUTING (policy ACCEPT)
num target prot opt source destination
1 MASQUERADE all -- 192.168.131.131/24 0.0.0.0/0
192.168.131.131/24 is incorrect. If it's a particular host it should be
192.168.131.131/32 or simply 192.168.131.131. If it's for the network
then it would be 192.168.131.0/24 (proper way to specify network).
And again, just like Tim mentioned, you're not firewalling anything.
At this point you're just basically routing & NATing.
HTH,
Jorge