/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */
>every think work fine my internal computer goes to the Internet but i >having a problem configure the iptables >so it will PORT forward port 80 / 21 to local machine on my local >lan. A new HOWTO will be released shortly that fixes a bug (missing "NEW" option) in its PORTFW FTP example. Anyway, to do PORTFW under IPTABLES, add the following in addition to your existing ruleset. (make sure you put these before any DROP/REJECT rules) -- #note: I cannot use -d $EXTIP as the rule never seems to match # $IPTABLES -A FORWARD -i $EXTIF -o $INTIF -p tcp --dport 21 -m state \ --state NEW,ESTABLISHED,RELATED -j ACCEPT $IPTABLES -A PREROUTING -t nat -p tcp -d $EXTIP --dport 21 \ -j DNAT --to $PORTFWIP:21 -- >i have tried >--------------- >A) > iptables -A PREROUTING -t nat -p tcp -d $EXTIP --dport 80 -j DNAT --to >10.0.0.2:80 This is ok but only 1/2 of the total needed lines >B) >>iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 80 -j DNAT --to >>10.0.0.2:80 >>iptables -A PREROUTING -t nat -p tcp -d $EXTIP --dport 80 -j DNAT --to >>10.0.0.2:80 Wrong syntax. Anyway... please let me know if this fixes your problem. --David .----------------------------------------------------------------------------. | David A. Ranch - Linux/Networking/PC hardware [EMAIL PROTECTED] | !---- ----! `----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----' _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
