/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */
I had problems too with iptables at first. But my problem was that I had accidentally put a rule in another chain that rejected the packet before it got out on my internal net. I know this is a pretty crude mistake, but you might want to see if you did the same thing. ----Original Message Follows---- From: "Nathan Giuliani" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: [Masq] Re: portforwarding with IPTABLES Date: Mon, 08 Oct 2001 14:03:48 +0930 MIME-Version: 1.0 X-Originating-IP: [198.142.223.3] Received: from [216.15.66.24] by hotmail.com (3.2) with ESMTP id MHotMailBD8A7A43004040043261D80F4218D5520; Sun, 07 Oct 2001 21:44:53 -0700 Received: from alyssa.indyramp.com (alyssa.indyramp.net [216.15.66.10])by mx0.indyramp.net (Postfix) with ESMTPid 788147814; Sun, 7 Oct 2001 21:43:59 -0700 (PDT) Received: from alyssa.indyramp.com (IDENT:bin@localhost [127.0.0.1])by alyssa.indyramp.com (8.9.2/8.8.7) with ESMTP id VAA10647;Sun, 7 Oct 2001 21:43:43 -0700 (PDT) Received: from dns.indyramp.net (dns.indyramp.net [216.15.66.2]) by alyssa.indyramp.com (8.9.2/8.8.7) with ESMTP id VAA10351 for <[EMAIL PROTECTED]>; Sun, 7 Oct 2001 21:34:24 -0700 (PDT) Received: from hotmail.com (f190.law12.hotmail.com [64.4.19.190]) by dns.indyramp.net (Postfix) with ESMTP id 832BB927A for <[EMAIL PROTECTED]>; Sun, 7 Oct 2001 21:34:17 -0700 (PDT) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Sun, 7 Oct 2001 21:33:48 -0700 Received: from 198.142.223.3 by lw12fd.law12.hotmail.msn.com with HTTP; Mon, 08 Oct 2001 04:33:48 GMT >From [EMAIL PROTECTED] Sun, 07 Oct 2001 21:46:36 -0700 Message-ID: <[EMAIL PROTECTED]> X-OriginalArrivalTime: 08 Oct 2001 04:33:48.0802 (UTC) FILETIME=[6C9BFE20:01C14FB2] Sender: [EMAIL PROTECTED] Errors-To: [EMAIL PROTECTED] X-Mailman-Version: 1.0 Precedence: bulk List-Id: Linux IP Masquerading - End Users <masq.indyramp.com> X-BeenThere: [EMAIL PROTECTED] still doesnt work could i have compiled the kernel wrong? or maybe not loaded a module that is needed?? >From: Kailash Kayastha <[EMAIL PROTECTED]> >To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> >Subject: Re: portforwarding with IPTABLES >Date: Fri, 5 Oct 2001 14:52:10 -0500 >MIME-Version: 1.0 >Received: from [207.79.194.135] by hotmail.com (3.2) with ESMTP id >MHotMailBD875A27006340042A23CF4FC2870DDC0; Fri, 05 Oct 2001 12:51:03 -0700 >Received: by ntms01.abcv.com with Internet Mail Service (5.5.2653.19)id ><TM26J6MA>; Fri, 5 Oct 2001 14:52:12 -0500 >From [EMAIL PROTECTED] Fri, 05 Oct 2001 12:52:45 -0700 >Message-ID: <[EMAIL PROTECTED]> >X-Mailer: Internet Mail Service (5.5.2653.19) > >Try putting both of these commands > >iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 80 -j DNAT --to >10.0.0.2:80 >iptables -A PREROUTING -t nat -p tcp -d $EXTIP --dport 80 -j DNAT --to >10.0.0.2:80 > - where eth1 is external interface of the firewall. > >Let me know if this works > >Kailash > >========================================== > >From: "Nathan Giuliani" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Date: Thu, 04 Oct 2001 12:41:29 +0930 >Subject: [Masq] portforwarding with IPTABLES > >hey guys > >im new to iptables... i used to use ipmasqadm with ipchains to portforward >to internal machines no problem but i just cant seem to get it with >iptables. at the moment my ruleset/script is just the one from the howto as >i am still learning... im on holiday now thought and want to get through to >a machine behind the firewall. using a command like this: > >iptables -A PREROUTING -t nat -p tcp -d $EXTIP --dport 80 -j DNAT --to >10.0.0.2:80 > >or iptables -t nat -A PREROUTING -d $EXTIP -p tcp --dport 3389 -j DNAT --to >10.0.0.2 > >doesnt work. i need ports 21 80 and 3389... what am i doing wrong?? i am >just typing the commands into the console (ofcourse putting the IP in place >of $EXTIP!) as i can get into the linux box with ssh, and i can use lynx on >that box to get to my internal machine, so it is the portfarwarding that is >failing. > >i would appreciate some help! im guessing i need to put the commands at a >different place in the script or something as the commands do not report >errors. > >thanks guys >Nathan > > > >======================== >ABC Virtual Communications >Phone: 515-327-8861 x417 >Email: [EMAIL PROTECTED] > > _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list. _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
