Im trying to get port forwarding to work with iptables v1.2.3, the firewall sits behind a dsl router which has been setup to forward certain ports(25,113) to the internal network, in my rc.firewall I have the following lines to try to get the smtp server working $IPTABLES -A INPUT -p tcp --dport 25 -j ACCEPT $IPTABLES -t nat -A PREROUTING -j DNAT -p tcp --dport 25 --to 10.0.0.247 however I still can not connect to port 25 from the outside world, what do I need to change? I have already verified that the email server has granted access to all and ipchains has been disabled...

You have ---dslrouter--- ---firewall(linux)--- ---internal network--- is this correct? Something like iptables -A FORWARD -i eth? -d 10.0.0.247 \ -p tcp --dport 25 -j ACCEPT iptables -t nat -A PREROUTING -i eth? \ -d $firewall -p tcp --dport 25 -j DNAT \ --to-destination 10.0.0.247 iptables -t nat -A OUTPUT -i eth? \ -d $firewall -p tcp --dport 25 -j DNAT \ --to-destination 10.0.0.247 The tshoot with iptables -L -v -n.

how does troubleshooting with -L -v -n work? I put the following lines in my firewall script iptables -A FORWARD -i eth0 -d 10.0.0.120 -p tcp --dport 113 -j ACCEPT iptables -t nat -A PREROUTING -i eth0 -d $firewall -p tcp --dport 113 -j DNAT --to-destination 10.0.0.120 iptables -t nat -A OUTPUT -i eth0 -d $firewall -p tcp --dport 113 -j DNAT --to-destination 10.0.0.120 and got the error creating rules... Bad argument `tcp' Try `iptables -h' or 'iptables --help' for more information. Bad argument `tcp' Try `iptables -h' or 'iptables --help' for more information.