Hi edel...

Yep it's weird...

I'm accessing the forwarded port from a remote network. Should I disable
SELinux on the internal box too, just like what I did with the gateway box?


On Mon, Jan 26, 2009 at 4:43 PM, Edel SM <sier...@gmail.com> wrote:

> On Mon, Jan 26, 2009 at 9:23 AM, Linux Cook <linuxc...@gmail.com> wrote:
> > Hi guys,
> >
> > I've set up a centos-5.2 server (eth1 facing the internet) with a simple port
> > forwarding where it forwards port 8081 to my internal box's (192.168.0.2)
> > port 8080.
> >
> > $ lsmod |grep iptable
> > iptable_mangle          6849  0
> > iptable_nat            11205  1
> > iptable_filter          7105  1
> > ip_nat                 20973  2 iptable_nat,ip_nat_ftp
> > ip_conntrack           53153  5 xt_state,iptable_nat,ip_nat_ftp,ip_nat,ip_conntrack_ftp
> > ip_tables              17029  3 iptable_mangle,iptable_nat,iptable_filter
> > x_tables               17349  8 xt_limit,xt_pkttype,ipt_REJECT,xt_tcpudp,xt_state,ipt_LOG,iptable_nat,ip_tables
> >
> > $ sysctl -p
> > net.ipv4.ip_forward = 1
> > net.ipv4.conf.default.rp_filter = 1
> > net.ipv4.conf.default.accept_source_route = 0
> >
> > my rules:
> >
> > $IPTABLES -P INPUT ACCEPT
> > $IPTABLES -P FORWARD ACCEPT
> > $IPTABLES -t nat -P PREROUTING ACCEPT
> > $IPTABLES -t mangle -P PREROUTING ACCEPT
> >
> > $IPTABLES -A INPUT -p tcp -m tcp --dport 8081 -j ACCEPT
> > $IPTABLES -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 8081 -j DNAT
> > --to-destination 192.168.0.2:8080
> > $IPTABLES -I FORWARD -p tcp -d 192.168.0.2 --dport 8080 -j ACCEPT
> >
> > after running the rule:
> >
> > $ iptables -t nat -L
> >
> > Chain PREROUTING (policy ACCEPT)
> > target     prot opt source               destination
> > DNAT       tcp  --  anywhere             anywhere            tcp dpt:tproxy to:192.168.0.2:8080
> >
> > Chain POSTROUTING (policy ACCEPT)
> > target     prot opt source               destination
> >
> > Chain OUTPUT (policy ACCEPT)
> > target     prot opt source               destination
> >
> > What is wrong with my rules? Did I miss something?
> >
> > Pls help....
> >
> > linuxcook
> >
>
> seems nothing's wrong. are you trying to access the forwarded port
> from inside (192.168.0.0/24)? if you can't get traffic back that's
> normal.
>
> >
> >
> >
> > _________________________________________________
> > Philippine Linux Users' Group (PLUG) Mailing List
> > http://lists.linux.org.ph/mailman/listinfo/plug
> > Searchable Archives: http://archives.free.net.ph
> >
>
>
>
> --
> edel
>
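Two things in the quoted listing are worth checking mechanically rather than by eye: `iptables -L` without `-n` prints service names from /etc/services, so 8081/tcp shows up as `dpt:tproxy` (the rule is on 8081 after all), and plain `-L` hides the `-i eth1` match, so the listing cannot tell you whether the DNAT is bound to the external interface. The script below is an added example, not code posted by either participant in the thread. It parses a constructed copy of the posted `iptables -t nat -L` output, resolves the service name back to a port number, confirms the expected DNAT rule is present, and flags the empty POSTROUTING chain, which is why a client on the internal LAN gets no working connection through the forward (the behaviour edel describes) while remote clients are fine. The sample listing and the small service-name table are constructed for the example.

```python
"""Check a DNAT port forward from the text of `iptables -t nat -L`.

Added example for this thread, not code posted by either participant.
"""
import re
from typing import Dict, List, Optional

# Constructed sample modelled on the listing posted in the thread. Without -n,
# iptables looks port numbers up in /etc/services, and 8081/tcp is registered
# there as "tproxy", which is why the rule shows dpt:tproxy rather than 8081.
SAMPLE_NAT_LISTING = """\
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DNAT       tcp  --  anywhere             anywhere            tcp dpt:tproxy to:192.168.0.2:8080

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
"""

# Small service-name table covering the names that matter here; a real check
# should run `iptables -t nat -L -n -v` so ports and interfaces print directly.
SERVICE_PORTS = {"tproxy": 8081, "http-alt": 8080, "http": 80, "https": 443}

CHAIN_RE = re.compile(r"^Chain (\S+) \(policy (\S+)\)")
DPT_RE = re.compile(r"\bdpt:(\S+)")
TO_RE = re.compile(r"\bto:(\S+)")


def port_number(token: str) -> Optional[int]:
    """Turn '8081' or a service name such as 'tproxy' into a port number."""
    if token.isdigit():
        return int(token)
    return SERVICE_PORTS.get(token)


def parse_nat_listing(text: str) -> Dict[str, dict]:
    """Parse `iptables -t nat -L` output into {chain: {"policy", "rules"}}."""
    chains: Dict[str, dict] = {}
    current: Optional[dict] = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = CHAIN_RE.match(line)
        if header:
            current = {"policy": header.group(2), "rules": []}
            chains[header.group(1)] = current
            continue
        if current is None or line.startswith("target"):
            continue  # skip the column-header row
        fields = line.split()
        rule = {"target": fields[0], "prot": fields[1],
                "source": fields[3], "destination": fields[4]}
        dpt = DPT_RE.search(line)
        if dpt:
            rule["dport"] = port_number(dpt.group(1))
        to = TO_RE.search(line)
        if to:
            host, _, port = to.group(1).partition(":")
            rule["to_host"] = host
            rule["to_port"] = int(port) if port else None
        current["rules"].append(rule)
    return chains


def verify_port_forward(text: str, public_port: int,
                        to_host: str, to_port: int) -> dict:
    """Report whether the expected DNAT exists and what the listing cannot show."""
    chains = parse_nat_listing(text)
    findings: List[str] = []
    pre = chains.get("PREROUTING", {"policy": None, "rules": []})
    dnat = [r for r in pre["rules"]
            if r["target"] == "DNAT" and r.get("dport") == public_port
            and r.get("to_host") == to_host and r.get("to_port") == to_port]
    if not dnat:
        findings.append(f"no DNAT rule for tcp/{public_port} -> "
                        f"{to_host}:{to_port} in PREROUTING")
    else:
        # Plain -L omits the in/out interface; -v is needed to confirm -i eth1.
        findings.append("DNAT source is 'anywhere'; run `iptables -t nat -L -n -v` "
                        "to confirm the rule is bound to the external interface")
    post = chains.get("POSTROUTING", {"rules": []})
    if not any(r["target"] in ("SNAT", "MASQUERADE") for r in post["rules"]):
        findings.append("POSTROUTING has no SNAT/MASQUERADE: a client on the internal "
                        "LAN that connects to the public port gets its replies straight "
                        "from the internal host and the connection fails; remote clients "
                        "do not need it")
    return {"dnat_present": bool(dnat), "findings": findings}


if __name__ == "__main__":
    report = verify_port_forward(SAMPLE_NAT_LISTING, 8081, "192.168.0.2", 8080)
    print("DNAT present:", report["dnat_present"])
    for item in report["findings"]:
        print(" -", item)
```

Running it against the posted listing reports the DNAT as present and leaves two notes: re-run with `-n -v` to see the interface match, and the empty POSTROUTING chain as the reason an inside-the-LAN test of the forward does not get traffic back.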