I'm a bit stumped with this one. I have the following NAT rules in:
#
# Forward SMTP.
#
$IPTABLES -A PREROUTING -t nat -i $EXTERNAL -p tcp --dport 25 -j DNAT \
--to 192.168.104.3:25
$IPTABLES -A FORWARD -i $EXTERNAL -p tcp -d 192.168.104.3 --dport 25 \
-j ACCEPT
#
# Forward HTTP.
#
$IPTABLES -A PREROUTING -t nat -i $EXTERNAL -p tcp --dport 80 -j DNAT \
--to 192.168.104.3:80
$IPTABLES -A FORWARD -i $EXTERNAL -p tcp -d 192.168.104.3 --dport 80 \
-j ACCEPT
#
# Forward HTTPS.
#
$IPTABLES -A PREROUTING -t nat -i $EXTERNAL -p tcp --dport 443 -j DNAT \
--to 192.168.104.3:443
$IPTABLES -A FORWARD -i $EXTERNAL -p tcp -d 192.168.104.3 --dport 443 \
-j ACCEPT
SMTP forwards fine, HTTPS forwards fine but HTTP does not. I have no idea
why. A quick look at iptables -v -L shows this:
0     0 ACCEPT     tcp  --  ppp0   any     anywhere     suction     tcp dpt:smtp
0     0 ACCEPT     tcp  --  ppp0   any     anywhere     suction     tcp dpt:http
0     0 ACCEPT     tcp  --  ppp0   any     anywhere     suction     tcp dpt:https
When I try to connect from outside the firewall to port 80 it just hangs.
Connecting to ports 443 and 25 goes through just fine. There is a web server
on port 80. I can telnet to it from the firewall box and it is located
at 192.168.104.3.
Am I missing something? This is killing me! I'm losing hair by the
minute here. Any help would be greatly appreciated.