It has been a really long time since I have worked directly with iptables, so I am more than a little rusty. The syslog (or systemd equivalent) should tell you what happened to those packets. You can use the -j LOG --log-level X change the verbosity.
iptables -t nat -A POSTROUTING --out-interface eth1 -j MASQUERADE I think you are missing a directive to jump to actually forward the port (I also wonder if the ACCEPT line could be simplified): iptables -A FORWARD --in-interface camera0 -j ACCEPT iptables -t nat -A PREROUTING -p tcp -i camera0 --dport 10000 -j DNAT --to-destination 10.0.0.1:10000 If the above does not help, I am going to have to research this more since I vaguely remember having to use iptables mangle capabilities to rewrite packets to route properly. I have not needed any crazy networking since before the last financial meltdown so my recollections are a little foggy. This era also pre-dates my love affair with git so there is not a lot of code that I can look back on. Hth, On Sun, Mar 29, 2015 at 9:47 PM, <si...@mungewell.org> wrote: > > You could create virtual or dummy interfaces > > Unfortunately the cameras don't appear to support IPv6. This is not > production, just me trying to prove that our library will cope OK with > multiple cameras. > > So I tried the following... > -- > #!/bin/bash > > # Ensure that NAT is enabled > modprobe iptable_nat > echo 1 > /proc/sys/net/ipv4/ip_forward > > # For each of the WLAN interfaces (map wlan0 -> camera0) > # Camera presents webserver on: > # http://10.0.0.1:10000/sony/camera > > ip li add camera0 type dummy > ip link set camera0 up > ip addr add 192.168.0.1/24 dev camera0 > > iptables -t nat -A POSTROUTING -o camera0 -j MASQUERADE > iptables -A FORWARD -i wlan0 -o camera0 -j ACCEPT > iptables -A FORWARD -i camera0 -o wlan0 -m state --state > RELATED,ESTABLISHED -j ACCEPT > iptables -A FORWARD -i camera0 -p tcp -d 10.0.0.1 --dport 10000 -j ACCEPT > -- > > I was (still) able to browse to 'http://10.0.0.1:10000/sony/camera', but > when I tried 'http://192.168.0.1:10000/sony/camera' I got nothing - and > tcpdump on the wlan0 interface showed no traffic. > > Simon > > > > _______________________________________________ > clug-talk mailing list > clug-talk@clug.ca > http://clug.ca/mailman/listinfo/clug-talk_clug.ca > Mailing List Guidelines (http://clug.ca/ml_guidelines.php) > **Please remove these lines when replying >
_______________________________________________ clug-talk mailing list clug-talk@clug.ca http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
