Please bear with me, this could be slightly lengthy... I have an AppleTV3 sitting behind a Tomato router. A while ago someone figured out how to run Plex (a home theatre program similar to XBMC off of the AppleTV by forwarding the traffic to Apple's trailer app. I have a QNAP NAS box that serves as my media server. I was able tog et this setup and working properly by modifying my tomato router using the following settings: DHCP/DNS: address=/trailers.apple.com/192.168.1.1 address=/atv.plexconnect/192.168.1.1 This sends all the traffic for trailers.apple.com to my router. Someone else came up with this firewall script (run from the firewall section of admin in Tomato): iptables -t nat -A PREROUTING -s 192.168.1.9 -d 192.168.1.1 -p tcp -m multiport --dports 80,443 -j DNAT --to-destination 192.168.1.8:8090 This is where the QNAP comes in. It seems to make use of port 80, and so I needed a way to forward the traffic around the QNAP. In this setup .1 is my router, .9 is the AppleTV, and .8 is my QNAP (media server). This all worked wonderfully for a few weeks, and then Apple modified it so that port 443 was also used. I now need a separate (second) firewall script that will forward port 443 to a different port (8091 for example) in the same way that the above script would forward either port 80 or 443 to port 8090. The QNAP also makes use of port 443 (and won't give it up easily). I am unsure as to how to write these two separate scripts/rules. I have tried the following (unsuccessfully): iptables -t nat -A PREROUTING -s 192.168.1.9 -d 192.168.1.1 -p tcp -m --dport 80 -j DNAT --to-destination 192.168.1.8:8090 iptables -t nat -A PREROUTING -s 192.168.1.9 -d 192.168.1.1 -p tcp -m --dport 443 -j DNAT --to-destination 192.168.1.8:8091 Can the firewall section handle something like this? How would I go about setting this up? Any help would be greatly appreciated.