Ken:

Try it with the adjustments below. Also make sure you have a rule to allow
the machine to get back out from the Internal Network to the Internet. Also,
if there are other rules in your script, make sure the packet isn't dropped
by a preceding rule before it reaches your DNAT and FORWARDING rule.

Stu..........



-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Kenneth
Sent: May 15, 2002 12:06 AM
To: [EMAIL PROTECTED]
Subject: Newbie question

Hi all,

I'm new to the list and have a question here:

eth0 has a public IP address
eth1 has a private IP address

Attached is my iptables script. This script enables internal machines to
communicate with public websites and email. But it cannot give access
to the website on the internal web server (192.168.1.200:80).

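# Rewrite port-80 traffic arriving on the public interface to the internal web server
/sbin/iptables -t nat -A PREROUTING -p tcp -i $INET_IFACE -d $INET_IP \
    --dport 80 -j DNAT --to 192.168.1.200:80
# Let the rewritten traffic through the FORWARD chain
/sbin/iptables -A FORWARD -m state --state NEW,ESTABLISHED,RELATED -p tcp \
    -i $INET_IFACE -d 192.168.1.200 --dport 80 -j ACCEPT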

Any help/idea is appreciated.

--
Best regards,
 Kenneth                          mailto:[EMAIL PROTECTED]
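
Added example (not part of the original messages, and not the poster's script): a small first-match simulator showing the two checks from the reply, a preceding rule that drops the packet before the ACCEPT, and the missing return-path rule. The chains, the DROP default policy, the client address 203.0.113.7 and the exact-match comparison (no CIDR) are assumptions made for illustration.

```python
import shlex

# Constructed FORWARD chain (not the poster's script): eth0 public, eth1 private.
BROKEN = """\
-A FORWARD -i eth0 -p tcp -j DROP
-A FORWARD -i eth0 -p tcp -d 192.168.1.200 --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
"""
# Same chain with the specific ACCEPT first and a return-path rule added.
FIXED = """\
-A FORWARD -i eth0 -p tcp -d 192.168.1.200 --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i eth0 -p tcp -j DROP
"""

def parse(text):
    """Parse '-A FORWARD ...' lines into dicts of option -> value, in chain order."""
    rules = []
    for line in text.strip().splitlines():
        tok = shlex.split(line)[2:]          # skip "-A FORWARD"
        opts = dict(zip(tok[0::2], tok[1::2]))
        opts.pop("-m", None)                 # module name is not a match value
        rules.append(opts)
    return rules

def first_match(rules, pkt, policy="DROP"):
    """Return (rule number, target) of the first rule matching pkt, else (None, policy)."""
    for n, rule in enumerate(rules, 1):
        ok = True
        for opt, want in rule.items():
            if opt == "-j":
                continue
            have = pkt.get(opt)
            # --state takes a comma list; every other option is compared exactly
            ok = have in want.split(",") if opt == "--state" else have == want
            if not ok:
                break
        if ok:
            return n, rule["-j"]
    return None, policy

# Packets as FORWARD sees them: DNAT in PREROUTING has already rewritten -d.
SYN = {"-i": "eth0", "-o": "eth1", "-p": "tcp", "-d": "192.168.1.200",
       "--dport": "80", "--state": "NEW"}
REPLY = {"-i": "eth1", "-o": "eth0", "-p": "tcp", "-d": "203.0.113.7",
         "--dport": "40000", "--state": "ESTABLISHED"}

if __name__ == "__main__":
    for name, chain in (("broken", BROKEN), ("fixed", FIXED)):
        rules = parse(chain)
        print(name, "SYN ->", first_match(rules, SYN), "reply ->", first_match(rules, REPLY))
```

On a live box, `iptables -L FORWARD -n -v --line-numbers` shows the real rule order and per-rule packet counters to compare against.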


