-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday 05 September 2002 09:06 pm, Kevin - KD Micro Software wrote: > Hi all, > > I've spoken to a couple of people who tried port forwarding using > iptables and apparently it's not an easy task to accomplish. I've tried > myself and don't seem to have any luck whatsoever either (after reading > numbers of HOWTOs etc) so I'm asking here as a last resort.
I use port forwarding here without any difficulty. I forward port 8080 on the external interface to port 8080 on an internal machine. The rules I use are: $IPTABLES -A FORWARD -i $EXTERNAL -d $INTERNAL_NET \ -p tcp --dport 8080 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT $IPTABLES -t nat -A PREROUTING -i $EXTERNAL -p tcp -d $EXT_IP \ - --dport 8080 -j DNAT --to-destination 192.168.0.5:8080 Variables used above are: ## Variables ## IPTABLES="/sbin/iptables" LOOPBACK="lo" ## Loopback Interface EXTERNAL="eth0" ## External Interface INTERNAL="eth1" ## Internal Interface INTERNAL_NET="192.168.0.0/24" INT_IP=`/sbin/ifconfig $INTERNAL | grep inet | cut -d : -f 2 | cut -d \ - -f 1` EXT_IP=`/sbin/ifconfig $EXTERNAL | grep inet | cut -d : -f 2 | cut -d \ - -f 1` If that doesn't help at all, I can send you my firewall script off list. - -- - -Michael pgp key: http://www.tuxfan.homeip.net:8080/gpgkey.txt Red Hat Linux 7.{2,3} in 8M of RAM: http://www.rule-project.org/ - -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAj14B4MACgkQn/07WoAb/SsetgCglpQbcrBy+j6wFIqv7xHad/2r 8+sAoIftgLCGLttW/0aiSL9BfOsmY9wn =aXda -----END PGP SIGNATURE----- -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list