On Tue, 13 Dec 2011 10:07:41 -0500 cliff here <c4ifford at gmail.com> wrote: > sorry that's watch -n 1 'iptables -t nat -L -n -v' <snip> > > But if not mistake about what your intent is your forwarding rules that > > you have in prerouting should be in INPUT chain. > > You're trying to come in from an outside net to your FW and be forwarded > > to what you have NAT'd behind it right? absolutely. I've updated fpaste with /etc/sysconfig/iptables Thanks.