Hello people,
I must say that I'm going nuts because of portFW with iptables.
Here is my story:
I have one machine as gateway and firewall (R.H. 7.2 --kernel 2.4.9.21 --iptables 1.2.4). On that machine there is:
eth0 - (in iptables it is ININT) - local 192.168.1.1
eth1 - (in iptables it is EXTINT) - internet static IP
Then I have one machine behind that firewall that has 2 NICs (RH 7.2):
eth0 - 192.168.1.5
eth1 - 192.168.1.100
So my problem is to map or forward all HTTP and FTP traffic to this LAN machine behind the firewall.
So I tried with:
$iptables -t nat -A PREROUTING -p tcp --dport 21 -i $EXTIF -j DNAT --to \
192.168.1.5:21
with no success ;(
So I have read almost all of the mailing list archive for help, with no success.
!!! PLEASE HELP TO GET IT WORKING !!!
Here are my forward rules from the rc. file:
*************************
# FORWARD: Enable Forwarding and thus IPMASQ
#
echo " - FWD: Allow all connections OUT and only existing/related IN"
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED \
-j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
# Catch all rule, all other forwarding is denied and logged.
#
$IPTABLES -A FORWARD -j drop-and-log-it
echo " - NAT: Enabling SNAT (MASQUERADE) functionality on $EXTIF"
#
#More liberal form
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
$iptables -t nat -A PREROUTING -p tcp --dport 21 -i $EXTIF -j DNAT --to \
192.168.1.5:21
*************************
TNX a lot and regards,
dbmg2001
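
Added example, not part of the original post: packets rewritten by a DNAT rule in PREROUTING still traverse the FORWARD chain, and the FORWARD rules above admit only ESTABLISHED,RELATED traffic arriving on $EXTIF. The shell function below reads iptables commands and reports each DNAT target that no FORWARD rule admits as a NEW connection. The names check_dnat_forward, post_rules and fixed_rules are hypothetical, and the extra FORWARD rule in fixed_rules is constructed for illustration.

```shell
#!/bin/sh
# Added example: flag DNAT targets that no FORWARD rule admits as NEW traffic.
# Simplification: only FORWARD ACCEPT rules naming both -d and --dport count.
check_dnat_forward() {
  awk '
    # value following option "opt" on the current rule line, or ""
    function arg(opt,   i) {
      for (i = 1; i < NF; i++) if ($i == opt) return $(i + 1)
      return ""
    }
    /-A PREROUTING/ && /-j DNAT/ {
      t = arg("--to"); if (t == "") t = arg("--to-destination")
      if (t != "") dnat[t] = 1
    }
    /-A FORWARD/ && /-j ACCEPT/ {
      st = arg("--state")
      # a state match without NEW cannot admit the first packet of a connection
      if (st != "" && index("," st ",", ",NEW,") == 0) next
      d = arg("-d"); p = arg("--dport")
      if (d != "" && p != "") fwd[d ":" p] = 1
    }
    END {
      bad = 0
      for (t in dnat) if (!(t in fwd)) {
        print "no FORWARD rule admits NEW traffic to " t; bad = 1
      }
      exit bad
    }'
}

# Rules from the post, wrapped lines joined (quoted heredoc: no expansion).
post_rules() {
  cat <<'EOF'
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
$IPTABLES -A FORWARD -j drop-and-log-it
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
$iptables -t nat -A PREROUTING -p tcp --dport 21 -i $EXTIF -j DNAT --to 192.168.1.5:21
EOF
}

# Constructed variant: one extra FORWARD rule for the forwarded port.
fixed_rules() {
  echo '$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -p tcp -d 192.168.1.5 --dport 21 -m state --state NEW -j ACCEPT'
  post_rules
}

post_rules | check_dnat_forward || true   # prints the finding
fixed_rules | check_dnat_forward && echo "all DNAT targets reachable"
```

The added rule is listed before the drop-and-log-it catch-all because rules appended with -A are evaluated in order.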