On Mon, Jan 26, 2009 at 9:23 AM, Linux Cook <[email protected]> wrote:
> Hi guys,
>
> I've set up a centos-5.2 server (eth1 facing the internet) with a simple port
> forwarding where it forwards port 8081 to my internal box's (192.168.0.2)
> port 8080.
>
> $ lsmod |grep iptable
> iptable_mangle          6849  0
> iptable_nat            11205  1
> iptable_filter          7105  1
> ip_nat                 20973  2 iptable_nat,ip_nat_ftp
> ip_conntrack           53153  5 xt_state,iptable_nat,ip_nat_ftp,ip_nat,ip_conntrack_ftp
> ip_tables              17029  3 iptable_mangle,iptable_nat,iptable_filter
> x_tables               17349  8 xt_limit,xt_pkttype,ipt_REJECT,xt_tcpudp,xt_state,ipt_LOG,iptable_nat,ip_tables
>
> $ sysctl -p
> net.ipv4.ip_forward = 1
> net.ipv4.conf.default.rp_filter = 1
> net.ipv4.conf.default.accept_source_route = 0
>
> my rules:
>
> $IPTABLES -P INPUT ACCEPT
> $IPTABLES -P FORWARD ACCEPT
> $IPTABLES -t nat -P PREROUTING ACCEPT
> $IPTABLES -t mangle -P PREROUTING ACCEPT
>
> $IPTABLES -A INPUT -p tcp -m tcp --dport 8081 -j ACCEPT
> $IPTABLES -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 8081 -j DNAT --to-destination 192.168.0.2:8080
> $IPTABLES -I FORWARD -p tcp -d 192.168.0.2 --dport 8080 -j ACCEPT
>
> after running the rule:
>
> $ iptables -t nat -L
>
> Chain PREROUTING (policy ACCEPT)
> target     prot opt source               destination
> DNAT       tcp  --  anywhere             anywhere            tcp dpt:tproxy to:192.168.0.2:8080
>
> Chain POSTROUTING (policy ACCEPT)
> target     prot opt source               destination
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
> What is wrong with my rules? Did I miss something?
>
> Pls help....
>
> linuxcook
>

Seems nothing's wrong. Are you trying to access the forwarded port
from inside (192.168.0.0/24)? If you can't get traffic back, that's
normal.

>
>
>
> _________________________________________________
> Philippine Linux Users' Group (PLUG) Mailing List
> http://lists.linux.org.ph/mailman/listinfo/plug
> Searchable Archives: http://archives.free.net.ph
>



-- 
edel
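
Added example, not part of the original thread: a small model of why a client inside 192.168.0.0/24 gets no usable reply through a DNAT rule like the one quoted above, and how a hairpin SNAT rule changes that. The public address 203.0.113.10, the gateway LAN address 192.168.0.1, the client addresses and source port 40000 are constructed assumptions.

```python
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport")

LAN = ipaddress.ip_network("192.168.0.0/24")  # internal network from the thread
SERVER = ("192.168.0.2", 8080)                # DNAT target from the thread
GW_PUBLIC = ("203.0.113.10", 8081)            # constructed public address of the gateway
GW_LAN_IP = "192.168.0.1"                     # assumed LAN address of the gateway


def gateway_forward(pkt, hairpin_snat):
    """PREROUTING DNAT as in the thread, plus an optional hairpin SNAT, e.g.
    -t nat -A POSTROUTING -s 192.168.0.0/24 -d 192.168.0.2 -p tcp --dport 8080
       -j SNAT --to-source 192.168.0.1
    Returns the translated packet and the original tuple conntrack remembers."""
    out = pkt._replace(dst=SERVER[0], dport=SERVER[1])
    if hairpin_snat and ipaddress.ip_address(pkt.src) in LAN:
        out = out._replace(src=GW_LAN_IP)
    return out, pkt


def server_reply(pkt):
    """The internal box answers whatever source address it saw."""
    return Packet(pkt.dst, pkt.dport, pkt.src, pkt.sport)


def deliver_reply(reply, original):
    """Return the reply as it arrives at the client."""
    on_link = ipaddress.ip_address(reply.dst) in LAN
    if on_link and reply.dst != GW_LAN_IP:
        # Same subnet: the server reaches the client directly, the gateway
        # never sees the packet, so nothing rewrites the source address.
        return reply
    # Through the gateway: conntrack restores the original addresses.
    return Packet(original.dst, original.dport, original.src, original.sport)


def client_gets_reply(client_ip, hairpin_snat=False):
    syn = Packet(client_ip, 40000, *GW_PUBLIC)
    forwarded, original = gateway_forward(syn, hairpin_snat)
    seen = deliver_reply(server_reply(forwarded), original)
    # The client's TCP stack only accepts segments from the peer it dialled.
    return (seen.src, seen.sport) == GW_PUBLIC and seen.dst == client_ip


if __name__ == "__main__":
    print("internet client          :", client_gets_reply("198.51.100.7"))
    print("LAN client, DNAT only    :", client_gets_reply("192.168.0.50"))
    print("LAN client, hairpin SNAT :", client_gets_reply("192.168.0.50", True))
```

In the model, the internet client and the LAN client behind hairpin SNAT both receive a reply from 203.0.113.10:8081; the LAN client with DNAT only receives one from 192.168.0.2:8080 and discards it.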