Hi,
I am having some problems doing port forwarding for my mail server and webserver. In this scenario I will refer to the mail only, as the solution will solve my problem for both.
My problem: well, port forwarding just does not want to work, period...
I use this script:
iptables -t nat -A PREROUTING -p tcp -i eth0 -d EXTIP -s 0/0 --dport 25 -j DNAT --to intip
iptables -A FORWARD -p tcp -i eth0 -o eth1 -m state --state NEW,ESTABLISHED,RELATED -d intip --dport 25 -j ACCEPT
I am thinking it is a routing problem, because I have tried just about everything I know. Using tcpdump I can see the packet coming in and being forwarded to my intip and port 25. That's as far as I get...
Any suggestions would be appreciated.
When I do an iptables -v -L FORWARD I get the following:
fw1:/usr/sbin # iptables -v -L FORWARD
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     tcp  --  eth0   eth1    anywhere             172.16.81.10        state NEW,RELATED,ESTABLISHED tcp dpt:smtp
    0     0 ACCEPT     all  --  eth1   eth0    anywhere             anywhere
When I do iptables -v -L -t nat I get the following:
fw1:/usr/sbin # iptables -v -L -t nat
Chain PREROUTING (policy ACCEPT 314 packets, 53363 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 REDIRECT   tcp  --  eth1   any     anywhere             anywhere            tcp dpt:http redir ports 3128
    2   108 DNAT       tcp  --  eth0   any     anywhere             fw1.centratel.co.za tcp dpt:smtp to:172.16.81.10:25

Chain POSTROUTING (policy ACCEPT 6 packets, 388 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MASQUERADE all  --  any    any     172.16.81.0/24       anywhere

Chain OUTPUT (policy ACCEPT 5 packets, 416 bytes)
 pkts bytes target     prot opt in     out     source               destination
Thanks in advance
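
Added example, not part of the original post: a Python script that parses `iptables -v -L` listings like the two above and reports each DNAT rule whose packet counter is non-zero while no FORWARD rule towards the translated address has counted a packet. The function names are hypothetical; the embedded listings are copied from the post, with the nat table trimmed to PREROUTING.

```python
import re
# Listings copied from the post (nat table trimmed to PREROUTING).
NAT_LISTING = """\
Chain PREROUTING (policy ACCEPT 314 packets, 53363 bytes)
 pkts bytes target   prot opt in   out  source   destination
    0     0 REDIRECT tcp  --  eth1 any  anywhere anywhere            tcp dpt:http redir ports 3128
    2   108 DNAT     tcp  --  eth0 any  anywhere fw1.centratel.co.za tcp dpt:smtp to:172.16.81.10:25
"""
FILTER_LISTING = """\
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target   prot opt in   out  source   destination
    0     0 ACCEPT   tcp  --  eth0 eth1 anywhere 172.16.81.10        state NEW,RELATED,ESTABLISHED tcp dpt:smtp
    0     0 ACCEPT   all  --  eth1 eth0 anywhere anywhere
"""

def count(tok):
    """Convert an iptables counter such as '108' or '10K' (rounded) to an int."""
    mult = {"K": 1000, "M": 10**6, "G": 10**9}
    return int(tok[:-1]) * mult[tok[-1]] if tok[-1] in mult else int(tok)

def parse_listing(text):
    """Return {chain: [rule, ...]} parsed from `iptables -v -L` output."""
    chains, current = {}, None
    for line in text.splitlines():
        fields = line.split()
        if fields and fields[0] == "Chain":
            current = chains.setdefault(fields[1], [])
        elif current is not None and len(fields) >= 9 and re.fullmatch(r"\d+[KMG]?", fields[0]):
            current.append({"pkts": count(fields[0]), "target": fields[2],
                            "dst": fields[8], "extra": " ".join(fields[9:])})
    return chains

def dnat_without_forward_hits(nat_text, filter_text):
    """List (ip, port, dnat_pkts) for DNAT rules that counted packets while
    no FORWARD rule towards that address (or 'anywhere') counted any."""
    forward = parse_listing(filter_text).get("FORWARD", [])
    findings = []
    for rule in parse_listing(nat_text).get("PREROUTING", []):
        m = re.search(r"to:(\d+\.\d+\.\d+\.\d+)(?::(\d+))?", rule["extra"])
        if rule["target"] != "DNAT" or not m or rule["pkts"] == 0:
            continue
        hits = sum(r["pkts"] for r in forward if r["dst"] in (m.group(1), "anywhere"))
        if hits == 0:
            findings.append((m.group(1), m.group(2), rule["pkts"]))
    return findings

if __name__ == "__main__":
    for ip, port, pkts in dnat_without_forward_hits(NAT_LISTING, FILTER_LISTING):
        print(f"DNAT to {ip}:{port} counted {pkts} packets; FORWARD counted none")
```

Running the listings with `-n -x` gives numeric addresses and exact counters, which makes the comparison more reliable.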
