From: Earl A Ramirez
To: CentOS mailing list
Sent: Tuesday, December 4, 2012 3:25 PM
Subject: Re: [CentOS] iptables port forwarding
On 5 December 2012 03:38, Joseph Spenner wrote:
> I have a simple requirement/test I'm trying to perform, bu
On 5 December 2012 03:38, Joseph Spenner wrote:
> I have a simple requirement/test I'm trying to perform, but having
> difficulty.
>
> I have a system with 2 interfaces, BoxA:
>
> eth0 172.26.50.102
> eth1 192.101.77.62
>
> My goal is to have a tcp port built on BoxA such that hosts on the
> 19
I have a simple requirement/test I'm trying to perform, but having difficulty.
I have a system with 2 interfaces, BoxA:
eth0 172.26.50.102
eth1 192.101.77.62
My goal is to have a tcp port built on BoxA such that hosts on the
192.101.77.0/24 network can reach a port on a different box on the
Thanks all!
I'm studying iptables at the moment, Hope I can help others in the feture :)
At 2011-06-28,"Ljubomir Ljubojevic" wrote:
>Christopher Chan wrote:
>> Er, you are not making much sense here. John posts that -v is needed to
>> not get the 'digested result' but the 'full result'
On Tuesday, June 28, 2011 05:22 PM, Ljubomir Ljubojevic wrote:
Christopher Chan wrote:
Er, you are not making much sense here. John posts that -v is needed
to not get the 'digested result' but the 'full result' and then you go
off on a branch about iptables-save. Oh, I still don't see what
diffe
Christopher Chan wrote:
Er, you are not making much sense here. John posts that -v is needed to
not get the 'digested result' but the 'full result' and then you go off
on a branch about iptables-save. Oh, I still don't see what difference
there is between iptables -nv -L ${table} and iptables-s
On Tuesday, June 28, 2011 04:05 PM, Ljubomir Ljubojevic wrote:
Christopher Chan wrote:
On Tuesday, June 28, 2011 02:38 AM, Ljubomir Ljubojevic wrote:
John R Pierce wrote:
On 06/27/11 10:43 AM, Ljubomir Ljubojevic wrote:
note that doesn't show all the pertinent info. I prefer `iptable -L
-vn`,
Christopher Chan wrote:
On Tuesday, June 28, 2011 02:38 AM, Ljubomir Ljubojevic wrote:
John R Pierce wrote:
On 06/27/11 10:43 AM, Ljubomir Ljubojevic wrote:
note that doesn't show all the pertinent info. I prefer `iptable -L
-vn`, and it still doesn't show the nat tables, you also need
`iptabl
On Tuesday, June 28, 2011 02:38 AM, Ljubomir Ljubojevic wrote:
John R Pierce wrote:
On 06/27/11 10:43 AM, Ljubomir Ljubojevic wrote:
note that doesn't show all the pertinent info. I prefer `iptable -L
-vn`, and it still doesn't show the nat tables, you also need
`iptable -L -vn -t nat` to see t
John R Pierce wrote:
On 06/27/11 10:43 AM, Ljubomir Ljubojevic wrote:
note that doesn't show all the pertinent info. I prefer `iptable -L
-vn`, and it still doesn't show the nat tables, you also need
`iptable -L -vn -t nat` to see those chains, and `iptable -L -vn -t
mangle` if you're using an
On 06/27/11 10:43 AM, Ljubomir Ljubojevic wrote:
note that doesn't show all the pertinent info. I prefer `iptable -L
-vn`, and it still doesn't show the nat tables, you also need
`iptable -L -vn -t nat` to see those chains, and `iptable -L -vn -t
mangle` if you're using any mangle entries.
ip
John R Pierce wrote:
On 06/27/11 12:05 AM, muiz wrote:
[root@localhost ~]# /sbin/iptables -L
note that doesn't show all the pertinent info. I prefer `iptable -L
-vn`, and it still doesn't show the nat tables, you also need `iptable
-L -vn -t nat` to see those chains, and `iptable -L -vn -t m
Dear all,
Thanks very much for your kindly help! I use below codes to update the
firewall, and it works now.
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -d 192.168.1.250 -p tcp -m tcp --dport 8080 -j
DNAT --to-destination a.b.c.d:8181
iptables -t nat -A POSTROUTING
On 06/27/11 12:05 AM, muiz wrote:
[root@localhost ~]# /sbin/iptables -L
note that doesn't show all the pertinent info. I prefer `iptable -L
-vn`, and it still doesn't show the nat tables, you also need `iptable
-L -vn -t nat` to see those chains, and `iptable -L -vn -t mangle` if
you're usin
On Monday, June 27, 2011 03:15 PM, Ljubomir Ljubojevic wrote:
muiz wrote:
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Culprit right here. You need to allow connections to a.b.c.d.
Chain OUTPUT (policy AC
muiz wrote:
Dear all,
Below is my iptables default settings: (only open port 22 and 8080
(webcache))
-
[root@localhost ~]# /sbin/iptables -L
Chain INPUT (policy ACCEPT)
target pr
Dear all,
Below is my iptables default settings: (only open port 22 and 8080
(webcache))
-
[root@localhost ~]# /sbin/iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source
Marian Marinov wrote:
> On Monday 27 June 2011 07:15:33 muiz wrote:
>> Marian, I'm very happy you're online :)I think I have try the record you
>> mention just now. And I would like to clear what I have done (the scripts
>> I test):/sbin/iptables -t nat -A PREROUTING -j DNAT -p tcp --dport 8080
>>
On Monday 27 June 2011 07:15:33 muiz wrote:
> Marian, I'm very happy you're online :)I think I have try the record you
> mention just now. And I would like to clear what I have done (the scripts
> I test):/sbin/iptables -t nat -A PREROUTING -j DNAT -p tcp --dport 8080
> --to a.b.c.d:8181 /sbin/ipt
Marian, I'm very happy you're online :)I think I have try the record you
mention just now. And I would like to clear what I have done (the scripts I
test):/sbin/iptables -t nat -A PREROUTING -j DNAT -p tcp --dport 8080 --to
a.b.c.d:8181
/sbin/iptables -t nat -A POSTROUTING -j SNAT -s 192.168.0
On Monday 27 June 2011 06:50:27 muiz wrote:
> Dear Marian and all,
> It seems don't works:
> /sbin/iptables -t nat -A PREROUTING -j DNAT -p tcp --dport 8080 --to
> a.b.c.d:8181 /sbin/iptables -t nat -A POSTROUTING -j SNAT -s
> 192.168.0.0/255.255.255.0 --to a.b.c.d echo 1 >
> /proc/sys/net/ipv4/i
Dear Marian and all,
It seems don't works:
/sbin/iptables -t nat -A PREROUTING -j DNAT -p tcp --dport 8080 --to
a.b.c.d:8181
/sbin/iptables -t nat -A POSTROUTING -j SNAT -s 192.168.0.0/255.255.255.0 --to
a.b.c.d
echo 1 > /proc/sys/net/ipv4/ip_foward
I check the Fedora iptables setting: /etc/
On Monday 27 June 2011 00:08:08 muiz wrote:
> Thanks Marian,
> The server only has one IP. I think I should add more iptables records,
> only one NAT record is not enough,isit correct? If yes , then how?
Huh, I'm sorry yes you need a second rule. So the rules are:
iptables -t nat -A PREROUTING -
Thanks Marian,
The server only has one IP. I think I should add more iptables records, only
one NAT record is not enough,isit correct? If yes , then how?
2011-06-26 23:38:58,"Marian Marinov" wrote:
>On Sunday 26 June 2011 12:53:07 muiz wrote:
>> Dear all,
>> I would like to forward a port
On Sunday 26 June 2011 12:53:07 muiz wrote:
> Dear all,
> I would like to forward a port to an internet server, but failed. can you
> help me? Server: eth0: 192.168.1.250, Port: 8080 TCP, CentOS 5.6
> Remote server: IP: a.b.c.d Port: 8181
>
>
> Forward path: client1(192.168.1.10) -> 192.16
Dear all,
I would like to forward a port to an internet server, but failed. can you
help me?
Server: eth0: 192.168.1.250, Port: 8080 TCP, CentOS 5.6
Remote server: IP: a.b.c.d Port: 8181
Forward path: client1(192.168.1.10) -> 192.168.1.250:8080 (forward) -> a.b.c.d
Port: 8181
--
26 matches
Mail list logo