Re: Port forwarding for virtual NICs

Fri, 14 Sep 2001 06:56:31 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

Thanks for all your help.  I am using gShield, and things weren't
working.  It turned out not to be an iptables problem, but a local
routing problem.  This was a test system hooked up to a second DSL line,
and the routing was still pointing to the primary T-1 line, both on the
firewall and on the system I was attempting to route to.

Once I fixed that problem, things work fine.

Again, thanks to all.


JBB

Thursday, September 13, 2001, 2:33:28 PM, you wrote:

JBB> -----BEGIN PGP SIGNED MESSAGE-----
JBB> Hash: SHA1

JBB> Hello ,

JBB> I'm trying to set up a firewall for my office using iptables.  The system is a 
RedHat 7.1
JBB> installation with all the latest updates.

JBB> Once of the things we have here is that the external NIC (eth0) supports 4 IP 
addresses.
JBB> The internal network is a 192.168.1. subnet.

JBB> I'm trying to get this system to route packets going to one of the virtual IPs to 
one of
JBB> internal system.  But I can't figure out how.  When I try the command, iptables 
rejects
JBB> the virtual interface (see the output below).

JBB> Any help would be appreciated.

JBB> Thanks in advance.


JBB> ============== Output of commands follow ===============
JBB> [root@debbie-new tools]# sh -x /tmp/ab

JBB> + /sbin/iptables -I FORWARD -p tcp -d 192.168.1.2 --dport 80 -j ACCEPT
JBB> + /sbin/iptables -I FORWARD -p udp -d 192.168.1.2 --dport 80 -j ACCEPT
JBB> + /sbin/iptables -t nat -A PREROUTING -p tcp -i eth0:1 --dport 80 -j DNAT --to 
192.168.1.2:80
JBB> Warning: wierd character in interface `eth0:1' (No aliases, :, ! or *).
JBB> + /sbin/iptables -t nat -A PREROUTING -p udp -i eth0:1 --dport 80 -j DNAT --to 
192.168.1.2:80


JBB> ========================================================


JBB> JBB
JBB>  Jonathan                          mailto:[EMAIL PROTECTED]
JBB> -----BEGIN PGP SIGNATURE-----
JBB> Version: GnuPG v1.0.6 (MingW32)
JBB> Comment: For info see http://www.gnupg.org

JBB> iEYEARECAAYFAjug+/oACgkQxQhxe/20cF4EdwCfbCTDNhi2Io4citN7XXkD3tkU
JBB> dyYAn03RoV4fciu1G7m9k9tNP5eHpu3n
JBB> =pekk
JBB> -----END PGP SIGNATURE-----



- --
Best regards,
 Jonathan                            mailto:[EMAIL PROTECTED]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (MingW32)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjuiE1gACgkQxQhxe/20cF6NNgCdHb+2qch75ir8eQES/arjl8ZN
m5EAnjU0JG7zvDMjfa6dci5ylyJCIC2j
=7XkL
-----END PGP SIGNATURE-----



_______________________________________________
Seawolf-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/seawolf-list

Reply via email to