[CentOS] A little iptables help

Wed Sep 28 16:46:50 UTC 2005
Aleksandar Milivojevic <alex at milivojevic.org>

Quoting Kirk Bocek <t004 at kbocek.com>:

> I did this successfully providing external SSH access to a collection 
> of hosts on a private network. However for this to work, the hosts on 
> the private net also need to be doing SNAT back out through the 
> firewall.

Unless you are doing something funky, SNAT is not needed.  All he needs 
is DNAT.
Netfilter should take care of returning packets automagically (unless, as I
said, you are doing something funky and confusing Netfilter with it).

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.