On 01/28/2011 01:11 AM, Jatin K wrote:
um target prot opt source destination 2 DNAT all -- 0.0.0.0/0 192.168.131.133 tcp dpt:80 to:192.168.131.131:80
This line doesn't look right. Is it doing DNAT For the host 192.168.131.133 (converting it to 192.168.131.131? This doesn't make sense as 192.168.131.133 belongs to your internal network.
Chain POSTROUTING (policy ACCEPT) num target prot opt source destination 1 MASQUERADE all -- 192.168.131.131/24 0.0.0.0/0
192.168.131.131/24 is incorrect. If it's a particular host it should be 192.168.131.131/32 or simply 192.168.131.131. If it's for the network then it would be 192.168.131.0/24 (proper way to specify network).
And again, just like Tim mentioned, you're not firewalling anything. At this point you're just basically routing & NATing.
HTH, Jorge