Every time I think I'm getting to the point where I might understand IP Tables, I do something that proves that, no, I really don't. Today's confusion: I want to set up a virtual NIC to do port forwarding. But first, I wanted to get the port forward part of the equation straight. So I wound up executing these commands:
  iptables -t nat -A PREROUTING -p tcp --dport 8774 -j DNAT --to 172.23.242.39:8774
  iptables -A FORWARD -d 172.23.242.39 -p tcp --dport 8774 -j ACCEPT
  iptables -t nat -A POSTROUTING -j MASQUERADE

Worked great. I then did an "ifconfig eth0:1 172.23.9.139 netmask 255.255.255.0" to see if I could telnet to port 8774 on it. I could. So then I did "iptables --flush", and it did. When I type "iptables --list", I now get:

  Chain INPUT (policy ACCEPT)
  target     prot opt source               destination

  Chain FORWARD (policy ACCEPT)
  target     prot opt source               destination

  Chain OUTPUT (policy ACCEPT)
  target     prot opt source               destination

Terrific. Pretty much what I expected. Telnetting to port 8774 on eth0 fails, as expected... but telnetting to port 8774 on the virtual works great. I even fired up Firefox to make sure, and youbetchya, it's interacting with the remote server.

Why?

-Ken

gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
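Added example, not part of the original post: "iptables --flush" and "iptables --list" operate on the filter table only unless "-t" names another table, so the DNAT and MASQUERADE rules above live on in the nat table after the flush and keep forwarding traffic. The helper below reads iptables-save output and reports every rule left in a non-filter table; the sample input is constructed to mirror the post's rules after a bare flush.

```shell
#!/bin/sh
# Added audit helper (not from the original post): reads iptables-save
# output on stdin and prints rules from every table except "filter".
# Reason: "iptables -F" / "iptables -L" default to the filter table, so
# nat-table DNAT and MASQUERADE rules survive a bare "iptables --flush".
leftover_non_filter_rules() {
    awk '
        /^\*/      { table = substr($0, 2); next }   # "*nat" -> current table
        /^COMMIT/  { table = "";            next }   # end of that table
        /^-A / && table != "" && table != "filter" { print table ": " $0 }
    '
}

# Returns 0 when any non-filter rule remains, 1 when only filter rules exist.
has_leftover_rules() {
    [ -n "$(printf '%s\n' "$1" | leftover_non_filter_rules)" ]
}

# Constructed sample (iptables-save format) modelled on the post's rules
# as they look after "iptables --flush": filter empty, nat untouched.
SAMPLE_AFTER_FLUSH='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 8774 -j DNAT --to-destination 172.23.242.39:8774
-A POSTROUTING -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

# Clears every table, not just filter. Needs root and real iptables;
# defined here for reference and not invoked.
flush_all_tables() {
    for t in filter nat mangle raw; do iptables -t "$t" -F; done
}

# Stand-alone run: show what a bare flush leaves behind.
printf '%s\n' "$SAMPLE_AFTER_FLUSH" | leftover_non_filter_rules
```

On a live host, feed it real data with "iptables-save | leftover_non_filter_rules"; the same check against "iptables -t nat -L -n" output is what the post's "iptables --list" never showed.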