Boštjan Jerko wrote: > On 8.1.2008, at 12:52, Tadej Slemc wrote: > >> iptables -t nat -D PREROUTING -i eth0 -p tcp -m tcp --dport 1025 -j >> DNAT --to-destination 192.168.0.10:1025 >> >> nekaj takega bi moralo dlati >> >> T. >> > > Verjetno -A PREROUTING, ampak mi ne deluje.
ja... al -A al pa se raje -I, ce mas pol kak restriktivn rule k onemogoci da pride sploh kak paket do njega v tem chainu... lahk posljes izpisesk iptables-save (magar privat) pa da vidmo kaj se da narest. Drgac pa potrebujes sledece pogoje... - ip_forward na 1 - rule z DNAT-om - ce mas v filter tabeli v forward chainu kje kak DROP, mors se to omogocit naceloma bi moralo delati sledece: echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -I PREROUTING -p tcp --dport 1025 -j DNAT \ --to-destination 192.168.0.10 iptables -I FORWARD -p tcp --dport 1025 -j ACCEPT -- LP, Rok _______________________________________________ lugos-list mailing list [email protected] http://liste2.lugos.si/cgi-bin/mailman/listinfo/lugos-list
