From mboxrd@z Thu Jan 1 00:00:00 1970 From: andrey mirtchovski To: 9fans@cse.psu.edu Subject: Re: [9fans] NAT'ing a drawterm connection In-Reply-To: <87ad9ypbbv.fsf@rgristroph-austin.ath.cx> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Date: Sun, 24 Aug 2003 23:22:11 -0600 Topicbox-Message-UUID: 20fa7d88-eacc-11e9-9e20-41e7f4b1d025 On 25 Aug 2003, Rob Ristroph wrote: > /sbin/iptables -t nat -A PREROUTING -p tcp --dport 567 -i eth0 -j DNAT --to 192.168.1.18:567 > /sbin/iptables -A FORWARD -m state --state RELATED -j ACCEPT that's overcomplicating it, but so is the way of linux... :) > Are those 17xxx connections extablished from drawterm to the cpu/auth > server, or from the Plan 9 computer to drawterm ? from drawterm. andrey ps: i've had the setup pasted in the original mail work for a year already with any significant issues. there's also a NAT rule for the other way around, but more often I leave people logged in to mount the auth server's /net, which is outside the 192 network. i only need to add new ports if they're required (when, for example, you decide that drawterm is too slow and you want to run over a vnc connection).