Hi guys, I've set up a CentOS 5.2 server (eth1 facing the internet) with a simple port forwarding where it forwards port 8081 to my internal box's (192.168.0.2) port 8080.

$ lsmod |grep iptable
iptable_mangle 6849 0
iptable_nat 11205 1
iptable_filter 7105 1
ip_nat 20973 2 iptable_nat,ip_nat_ftp
ip_conntrack 53153 5 xt_state,iptable_nat,ip_nat_ftp,ip_nat,ip_conntrack_ftp
ip_tables 17029 3 iptable_mangle,iptable_nat,iptable_filter
x_tables 17349 8 xt_limit,xt_pkttype,ipt_REJECT,xt_tcpudp,xt_state,ipt_LOG,iptable_nat,ip_tables

$ sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0

My rules:

$IPTABLES -P INPUT ACCEPT
$IPTABLES -P FORWARD ACCEPT
$IPTABLES -t nat -P PREROUTING ACCEPT
$IPTABLES -t mangle -P PREROUTING ACCEPT
$IPTABLES -A INPUT -p tcp -m tcp --dport 8081 -j ACCEPT
$IPTABLES -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 8081 -j DNAT --to-destination 192.168.0.2:8080
$IPTABLES -I FORWARD -p tcp -d 192.168.0.2 --dport 8080 -j ACCEPT

After running the rule:

$ iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DNAT       tcp  --  anywhere             anywhere            tcp dpt:tproxy to:192.168.0.2:8080

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

What is wrong with my rules? Did I miss something?

Pls help....

linuxcook
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
http://lists.linux.org.ph/mailman/listinfo/plug
Searchable Archives: http://archives.free.net.ph
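
One way to check a forward like the one in the post, as an added example that is not part of the original message: read the packet counter on the DNAT rule, which counts connection attempts because the nat table only sees the first packet of each connection. The helper name dnat_hits and both sample listings are constructed for this example.

```shell
#!/bin/sh
# Added example, not from the original post.
# Reads `iptables -t nat -L PREROUTING -n -v -x` output on stdin and prints
# the packet counter of the DNAT rule matching IN_IFACE, DPORT and TO_ADDR.
# Exit status: 0 = rule has hits, 1 = rule present but counter is 0,
#              2 = no matching rule in the listing.
# dnat_hits is a hypothetical helper name, not an iptables command.
dnat_hits() {
    awk -v ifc="$1" -v dpt="dpt:$2" -v to="to:$3" '
        # -v layout: pkts bytes target prot opt in out source destination ...
        $3 == "DNAT" && $6 == ifc {
            hasdpt = 0; hasto = 0
            for (i = 10; i <= NF; i++) {
                if ($i == dpt) hasdpt = 1
                if ($i == to)  hasto = 1
            }
            if (hasdpt && hasto) { pkts += $1; found = 1 }
        }
        END {
            if (!found) exit 2
            print pkts + 0
            exit (pkts > 0 ? 0 : 1)
        }'
}

# Constructed sample listings (not captured from the poster's server).
SAMPLE_IDLE='Chain PREROUTING (policy ACCEPT 41 packets, 2460 bytes)
    pkts      bytes target     prot opt in     out     source               destination
       0        0 DNAT       tcp  --  eth1   *       0.0.0.0/0            0.0.0.0/0           tcp dpt:8081 to:192.168.0.2:8080'

SAMPLE_HIT='Chain PREROUTING (policy ACCEPT 58 packets, 3480 bytes)
    pkts      bytes target     prot opt in     out     source               destination
       7      420 DNAT       tcp  --  eth1   *       0.0.0.0/0            0.0.0.0/0           tcp dpt:8081 to:192.168.0.2:8080'

# Demo on the constructed listing; on a live box (as root) run:
#   iptables -t nat -L PREROUTING -n -v -x | dnat_hits eth1 8081 192.168.0.2:8080
printf '%s\n' "$SAMPLE_HIT" | dnat_hits eth1 8081 192.168.0.2:8080
```

A counter that stays at 0 while a client connects from outside means the packets never matched the rule on eth1 port 8081. A rising counter means the translation is happening and the place to look next is the FORWARD chain and the return path from 192.168.0.2.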