Re: Help, Simple forward doesn't work!

[Evgeniy Kozhuhovskiy]

S. C. wrote:
And what about SNAT rule?
I do it so for smtp:
iptables -t nat -A POSTROUTING -p tcp -s 192.168.1.202 --dport 25 -j 
SNAT --to-source $EXTERNAL_IP
iptbles -t nat -A PREROUTING -p tcp -d 192.168.4.1 --dport 25 -j DNAT 
--to-destination $INTERNAL_SMTP_SERVER

$EXTERNAL_IP - my ip from internet
$INTERNAL_SMTP_SERVER - my smtp server in localnet
Hello list,
I want to forward eth0 port 80 to another merchine, however It doesn't 
work. Any one can figure out anything wrong in my steps?

My merchine eth0 is 192.168.8.50
modprobe iptable_nat
echo "1">/proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 
192.168.8.55:80

I enter "iptables -L" and it shows all default policy are accept.
apple:/# iptables -L -n -t nat
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80 
to:192.168.5.55:80

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
However, I use linx to http://192.168.5.50 <http://1.1.1.1:8080/>, I got 
"lynx: Can't access startfile http://192.168.5.50/";
I can browser 192.168.5.55 directly using lynx.

Anyone can help me. Do I missing something?
I've been suck in this problem for 2 weeks.
The iptables version is 1.2.11.
Regards
Simon Chen.


--
WBR, Evgeniy Kozhuhovskiy,
         System Administrator of Generation_P (www.generation-p.com)
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]