Where should I put this? After the command Barry said for before? John R Pierce wrote: > Barry Brimer wrote: >> iptables -t nat -I PREROUTING -d <public ip address of server> -p tcp >> --dport 5555 -j DNAT --to <private IP address of database server> >> > > as most firewall rule sets have a default FORWARD rule of 'drop', this > is also typically necessary... > > $IPTABLES -I FORWARD -i $EXTIF -o $INTIF -p tcp --dport 5555 -j ACCEPT > > > > where $EXTIF and $INTIF are the external and internal interfaces, such > as eth0 and eth1.