Hello List! I made this rule for portforwarding: (1) iptables -t nat -I PREROUTING -i $ext_if -p tcp --dport $port -j DNAT --to $local_ip:$local_port But a client connection from outside on that specified service port couldn't be established. iptables -vL shows me not a single packet has hit that rule and therefore didn't pass through the FORWARD chain which of course has to be set to ACCEPT by default or in my case when DROP is default another rule like (2) iptables -I FORWARD -i $ext_if -o $int_if -p tcp --dport $port -j ACCEPT is needed. ip_forward is enabled. Anyone having an advice? Regards! Dominique
<<attachment: winmail.dat>>