I have a limited gateway that can only hold a few port forward entries. I have a Debian sarge box on my internal network. I have no DMZ. I would like to forward a range of ports from the gateway to the Debian box (say 5900-5999) and then forward those ports to various users on the network so they can use UltraVNC Single Click, in order to work around the limitation of the gateway. I would eventually like to replace the gateway with a Debian box, but I thought I'd learn more about how this works first. I think I'm missing a fundamental concept around the traffic coming in and going out on the same network.
I tried forwarding one port to the Debian box, then telling the Debian box to forward to a workstation with the following commands, trying to UltraVNC Single Click connect from outside (a dial-up connection) to the listening workstation after each command. The traffic was never seen on the workstation.

    $iptables -A FORWARD -i eth0 -o eth0 -p tcp --dport 5904 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
    $iptables -A PREROUTING -t nat -p tcp -d [ip of debian box] --dport 5904 -m state --state NEW,ESTABLISHED,RELATED -j DNAT --to [ip of workstation]:5904

_______________________________________________
PDXLUG (a Portland Linux user group) mailing list
[email protected]
http://lists.pdxlug.org/mailman/listinfo/pdxlug
IRC: irc.freenode.net #pdxlug & #orlug
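Added example, not part of the original post: a relay that receives and re-sends traffic on the same interface needs IP forwarding enabled, a DNAT rule per port, and a source rewrite so the workstation's replies return through the relay instead of going straight to its default gateway. The script only prints the rules; the function names, the 192.168.1.x addresses and the port-to-workstation pairs are constructed sample values.

```shell
#!/bin/sh
# Added example: prints (does not apply) the rule set for a same-subnet relay.
# All addresses and port=host pairs below are constructed sample values.

# valid_port PORT: succeeds only for an integer inside the relayed range 5900-5999.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 5900 ] && [ "$1" -le 5999 ]
}

# relay_rules RELAY_IP IFACE PORT=WORKSTATION_IP [PORT=WORKSTATION_IP ...]
relay_rules() {
    relay_ip=$1; iface=$2; shift 2

    # The kernel only routes packets between hosts when forwarding is on.
    echo "sysctl -w net.ipv4.ip_forward=1"

    # Reply packets carry the port as source port, so a --dport match misses
    # them; accept them by connection state instead.
    echo "iptables -A FORWARD -i $iface -o $iface -m state --state ESTABLISHED,RELATED -j ACCEPT"

    for pair in "$@"; do
        port=${pair%%=*}; host=${pair#*=}
        valid_port "$port" || { echo "bad port in '$pair'" >&2; return 1; }

        # Rewrite the destination before routing (relay -> workstation).
        echo "iptables -t nat -A PREROUTING -i $iface -p tcp -d $relay_ip --dport $port -j DNAT --to-destination $host:$port"

        # After DNAT the FORWARD chain sees the workstation as destination.
        echo "iptables -A FORWARD -i $iface -o $iface -p tcp -d $host --dport $port -m state --state NEW -j ACCEPT"

        # Rewrite the source so replies come back to the relay, which then
        # reverses both translations for the outside client.
        echo "iptables -t nat -A POSTROUTING -o $iface -p tcp -d $host --dport $port -j SNAT --to-source $relay_ip"
    done
}

# Sample run with constructed values: two users, two ports.
relay_rules 192.168.1.10 eth0 5904=192.168.1.54 5905=192.168.1.55
```

With the SNAT rule in place the workstation sees the relay's address as the peer, not the outside client's.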
