JNAT and SNAT private <-> public, but can't get to port 80 . . .

JNAT and SNAT private <-> public, but can't get to port 80 . . .

[Brian Capouch]

Tried to say it all in the subject line. . . 

Should I expect that when I set up a host that has private IP go out via
a public IP using a SNAT entry (simply: iptables -t nat -A POSTROUTING
-s 192.168.x.y -j SNAT --to-source w.x.y.z) and then use DNAT to allow
the public IP back in (iptables -t nat -A PREROUTING -d w.x.y.z -j DNAT
--to-destination 192.168.x.y) that I not be able to get web traffic to
port 80 through to the machine in question?

That seems to be my unfortunate situation.  Defaults are ACCEPT for
INPUT, OUTPUT, and FORWARD.

I hope this isn't a FAQ or I'm somehow otherwise proving cluelessness
here.  I've read around the web a bit and at least it doesn't seem the
answer is totally obvious. . .

Thanks in advance.

B.

JNAT and SNAT private <-> public, but can't get to port 80 . . .

[hard__ware]

Your problem might be to do with a ESTABLISHED, RELATED

in you Input & Output Chains (i mean you may have to add them)

i have recently posted alot of Pre Writin scripts that will do all this for
you ... :D

if you wish you can look at them Posted all over the Netfilter Page from me
...

or if ya want i can send you my Latest Script , which has alot of these
examples for what you doing ... :D