[CentOS] iptables port forwarding

Sun Jun 26 21:08:08 UTC 2011
muiz <muiz at 163.com>

Thanks Marian,
The server only has one IP. I think I should add more iptables records; only one NAT record is not enough, is that correct? If yes, then how?


 2011-06-26 23:38:58,"Marian Marinov" <mm at yuhu.biz> wrote:

>On Sunday 26 June 2011 12:53:07 muiz wrote:
>> Dear all,
>>   I would like to forward a port to an internet server, but failed. Can you
>> help me?
>> Server:  eth0: 192.168.1.250, Port: 8080 TCP, CentOS 5.6
>> Remote server:   IP: a.b.c.d  Port: 8181
>> 
>> 
>> Forward path:  client1(192.168.1.10) -> 192.168.1.250:8080 (forward) ->
>> a.b.c.d  Port: 8181
>> -----------------------------------------
>> In Fedora, I successfully configured the firewall using
>> system-config-firewall and the iptables command:
>> 1. Run system-config-firewall
>>  1.1 open local port 8080
>>  1.2 add a forward rule: local 8080 to remote a.b.c.d:8181, tcp
>> 2. echo 1 > /proc/sys/net/ipv4/ip_forward
>> 3. add an iptables rule: /sbin/iptables -t nat -A POSTROUTING -d  a.b.c.d -p tcp --dport 8181 -j MASQUERADE
>> That's all.
>> 
>> 
>> 
>> 
>> Thanks !
>You have to use Destination NAT for the job:
>
>iptables -t nat -A PREROUTING -j DNAT -p tcp --dport 8080 --to a.b.c.d:8181
>echo 1 > /proc/sys/net/ipv4/ip_forward
>
>If you have more than one IP on the local machine it's a good idea to specify 
>the destination -d 192.168.1.250 
>
>Marian
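
Added example, not part of the thread: a shell function that prints (does not apply) the rules discussed above for the single-IP case, combining the DNAT rule, the MASQUERADE rule and IP forwarding, with the DNAT scoped to the listening address. The function names, the constructed address 203.0.113.10 standing in for a.b.c.d, and the two FORWARD rules (needed only if the filter table rejects forwarded traffic) are assumptions.

```shell
#!/bin/sh
# Added example: prints (does not apply) the rules for forwarding one TCP port.
# 203.0.113.10 in the usage line is a constructed stand-in for a.b.c.d.

valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {
    case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split the address into octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

gen_forward_rules() {
    local_ip=$1 local_port=$2 remote_ip=$3 remote_port=$4
    valid_ipv4 "$local_ip" && valid_ipv4 "$remote_ip" &&
        valid_port "$local_port" && valid_port "$remote_port" || {
        echo "usage: gen_forward_rules LOCAL_IP LOCAL_PORT REMOTE_IP REMOTE_PORT" >&2
        return 1
    }
    # 1. routing on; 2. DNAT only for traffic addressed to the listener;
    # 3-4. FORWARD accepts limited to this one flow, inserted (-I) so they sit
    #      ahead of any existing REJECT/DROP rule (assumption: the filter table
    #      rejects forwarded traffic); 5. MASQUERADE so replies return via this host.
    cat <<EOF
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -d $local_ip -p tcp --dport $local_port -j DNAT --to-destination $remote_ip:$remote_port
iptables -I FORWARD -d $remote_ip -p tcp --dport $remote_port -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -I FORWARD -s $remote_ip -p tcp --sport $remote_port -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -d $remote_ip -p tcp --dport $remote_port -j MASQUERADE
EOF
}

# Print the rules for review when called with four arguments, e.g.
#   sh forward.sh 192.168.1.250 8080 203.0.113.10 8181
if [ "$#" -eq 4 ]; then gen_forward_rules "$@"; fi
```

Review the printed commands before running them as root; `iptables -t nat -L -n -v` and `iptables -L FORWARD -n -v` show whether the packet counters on the new rules increase when a client connects.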