I have two computers: A.my.edu (IP address: and B.my.edu
( Both A and B are connected to the Internet, but B accepts
incoming packages only from A. (Its shorewall drops packages from
sources other than A).

Whenever a request arrives at port 8123 of A, I would like A to send
it to port 80 of B, then B should reply to the request as it would to
any other request to its port 80, send the reply back to A and then A
should send the reply back to the source.

After inserting this line into the file /etc/shorewall/rules of A

DNAT net loc: tcp 8123 -

and pointing my browser at http://A.my.edu:8123 ,
* I get a "(111) Connection refused" error from server A and
* I can see no new line in the apache2 log file of server B (i.e., B
did not receive the request).

Could you please suggest how I should proceed? Thanks a lot in

best wishes,