My redirect work well for services DNS SMTP POP WWW but for SSH dont. The service stay idle and dont send me any message, it's only stay idle What can i do ?
--- [EMAIL PROTECTED] escreveu: > Send netfilter mailing list submissions to > [EMAIL PROTECTED] > > To subscribe or unsubscribe via the World Wide Web, > visit > http://lists.samba.org/listinfo/netfilter > or, via email, send a message with subject or body > 'help' to > [EMAIL PROTECTED] > > You can reach the person managing the list at > [EMAIL PROTECTED] > > When replying, please edit your Subject line so it > is more specific > than "Re: Contents of netfilter digest..." > > > Today's Topics: > > 1. RE: terminal services connection (Stewart > Thomspon) > 2. RE: terminal services connection (Stewart > Thomspon) > 3. Re: terminal services connection (Jack > Bowling) > 4. (��������) ��Ǯ���� �, �ٲܼ� �ֽ��ϴ�. > (���Ѻұ��غ���) > 5. Re: terminal services connection (Jaap Crezee) > 6. simple question (Imran F Bhatti) > 7. RE: terminal services connection (Stewart > Thomspon) > 8. RE: terminal services connection (Stewart > Thomspon) > 9. Re: TCP ******S* portscan (Oskar Andreasson) > 10. DNAT setup question (Tom Walder) > > --__--__-- > > Message: 1 > Date: Sun, 07 Apr 2002 22:40:06 -0700 > From: Stewart Thomspon <[EMAIL PROTECTED]> > Subject: RE: terminal services connection > To: [EMAIL PROTECTED], 'ian highsun' > <[EMAIL PROTECTED]>, > [EMAIL PROTECTED] > Reply-To: [EMAIL PROTECTED] > > Hi James: > > Tried that to, but no go. Everything else works > great. I am running > basically the same configuration as Ian. > Running Redhat 7.2 Kernel 2.4.9-31 iptables 1.24. > Was there a problem with > that combination? > > Stu............ > > > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of > James Austin > Sent: April 7, 2002 9:56 PM > To: 'ian highsun'; [EMAIL PROTECTED] > Subject: RE: terminal services connection > > I am running this now with the following > > These are the only 2 entires you need for this to > work. > > iptables -t nat -A PREROUTING -i eth0 -p tcp -d > $EXT_IP --dport 3389 -j > DNAT --to-destination $DST_ADDY > iptables -A FORWARD -i eth0 -o eth1 -p tcp -d > $DST_ADDY --dport 3389 -j > ACCEPT > > Regards > James > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]] On Behalf > Of ian highsun > > Sent: Monday, April 08, 2002 12:48 PM > > To: [EMAIL PROTECTED] > > Subject: terminal services connection > > > > > > Hi all, > > I am trying to connect a terminal service client > via internet > > and iptables firewall. My setup is > > > > inet-----|linux|---|hub|---|win2k server terminal > services| > > i have tried a nat rule of "iptables -t nat -A > PREROUTING -i > > ippp0 -p tcp --dport 3389 -j DNAT --to-destination > > win2kserver" and a forward rule for port 3389 but > my client > > cant connect. Can anyone offer any urls or advice > on > > connecting terminal service clients through > iptables. Thanks > > in advance. Ian > > -- > > > > _______________________________________________ > > Sign-up for your own FREE Personalized E-mail at > Mail.com > http://www.mail.com/?sr=signup > > > > > > > > > > --__--__-- > > Message: 2 > Date: Sun, 07 Apr 2002 22:41:53 -0700 > From: Stewart Thomspon <[EMAIL PROTECTED]> > Subject: RE: terminal services connection > To: ian highsun <[EMAIL PROTECTED]>, > [EMAIL PROTECTED] > Reply-To: [EMAIL PROTECTED] > > Oops, screwed up the iptables version with the cut > and paste. It is actually > iptables 1.24. > > Stu......... > > > > Hi Ian: > > > I am having the same problems with DNAT and > forwarding. So, if you > find a solution I would like to hear about it. > I am using Redhat 7.2 Kernel 2.4.9-31 iptables > 2.4.9-31 with the following > lines in my firewall script. These are the first > rules > and all the remaining rules follow them. > > iptables -t nat -A PREROUTING -i EXTIF -s $ANYWHERE > \ > -p tcp -d $EXTIP --dport 23 -j DNAT --to > $TELNET > > iptables -A FORWARD -i $EXTIF -o $INTIF -s $ANYWHERE > -d $TELNET \ > -p tcp --dport 23 -j ACCEPT > > iptables -m state -A FORWARD -i $INTIF -o $EXTIF -s > $TELNET -d $ANYWHERE \ > -p tcp --sport 23 --state > NEW,ESTABLISHED,RELATED -j ACCEPT > > Everything else works great SNAT, internal > forwarding, port > blocking, and access to specific services on the > firewall. > machine. I have tried a number of variations from > all kinds of HOWTOS and > discussion threads. Try http://www.google.com > and type in "iptables dnat", you will find a whole > bunch of links. This > seems to be a really common problem. Good Luck! > It might help the group if you provide a little more > information for the > group. I.e. Versions, ppp or eth etc. > > How about it guru's, is there a problem with > DNAT with certain > kernels and iptables > Combinations? Or is there Some other factor that can > affect DNAT. I have > tried a number > of ports and internal computers that work otherwise > with no luck. > > Stu.......... > > > > > > > === message truncated === _______________________________________________________________________________________________ Yahoo! Empregos O trabalho dos seus sonhos pode estar aqui. Cadastre-se hoje mesmo no Yahoo! Empregos e tenha acesso a milhares de vagas abertas! http://br.empregos.yahoo.com/
