ok... new issue

in rc.firewall i need to have access to my windows machines via remote desktop...

I have this working for one machine, but can't seem to get it working for the other.. could be a syntax error. I'm kinda new to iptables so any help would be wonderful

this works for the one computer:
this is the route that doesn't work.. what am I doing wrong?

What error do you get when you try that command?

I can't see anything wrong with it (although I'm not *that* familiar with Port Address Translation using iptables). If the rule inserts itself in iptables correctly (without error) then the problem is probably external (port 3391 is not open to the internet either on the computer or whatever hardware you're using, ADSL Router etc. or port 3389 on the second computer is closed etc.)

It could also be that you don't have all the modules necessary loaded but chances are that iptables would throw out all sorts of obvious errors if that is the case.

Additionally, I'm not sure whether such PAT works from the localhost (i.e. if you are ON the machine running those iptables rules, it may bypass such rules)... this is something you would have to check yourself by testing from an external computer.

You could try using www.grc.com's shieldsup to see if your port 3391 is open to the world.

perhaps you are missing the appropriate FORWARD rule to handle the DNATed packets...

nope.. it's in the file.. i actually got this working using this in addition to my normal rc.firewall config

now if only i can figure out how to have XXXX.XXXXXXX.com point to my.ip.ad.dy:3390 so i can remote desktop to the different machines with dns... any ideas?

huh?? i don't follow... how about you post your rc.firewall script instead so we can see what's going on...??


there's tons of companies that offer this service... for example:
http://www.no-ip.com/