Pascal Hambourg a écrit :
Brent Clark a écrit :itachi@cnt.uo.edu.cu wrote:iptables -P INPUT ACCEPT iptables -P OUTPUT ACCEPT iptables -P FORWARD ACCEPTYou forgot the FORWARDi.e. iptables -t filter -A FORWARD --dst 10.30.142.12 -p tcp --dport 80 -J ACCEPTAccording to the above, FORWARD default policy is already ACCEPT.
Besides, as FORWARD takes place after PREROUTING which contains the DNAT rule, it should be "--dst 10.30.143.1".
And for completeness, if the default policy was DROP, a second rule matching the return traffic would be necessary.