On Monday, June 27, 2011 03:15 PM, Ljubomir Ljubojevic wrote: > muiz wrote: >> Chain FORWARD (policy ACCEPT) >> target prot opt source destination >> REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Culprit right here. You need to allow connections to a.b.c.d. >> >> Chain OUTPUT (policy ACCEPT) >> target prot opt source destination >> ------------------------------------------------------------------------------------------------------------- >> >> >> To Ljubomir: >> The remote server a.b.c.d services port 8181. And local server forward >> its port 8080 to remote 8181. >> > > Please do not top post, write your answers bellow the text, like us. and TRIM!!!! > > > This is what you posted: > > I check the Fedora iptables setting: /etc/sysconfig/iptables files: > > > > :POSTROUTING ACCEPT [0:0] > > > > -A PREROUTING -i eth+ -p tcp --dport 8080 -j DNAT --to-destination > > a.b.c.d:8080 .... > > > > :OUTPUT ACCEPT [0:0] > > > > -A FORWARD -i eth+ -m state --state NEW -m tcp -p tcp -d a.b.c.d --dport > > 8080 -j ACCEPT > > "--to-destination a.b.c.d:8080" means your Fedora box is redirecting > traffic to remote port 8080, not 8181 like you asked on this list. > Oh, dealing with it now are you?