Hello, I can not get DNAT to work to save my life.
All machines are CentOS7 KVM virtual machines, one the internet-connected
router, and the other in the DMZ.
I've gone through the docs and there seem to be two methods of port-forwarding,
and neither works in the router:
DNAT net dmz:10.1.1.30 tcp http,https
... and
Web(DNAT) net dmz:10.1.1.30
Web(ACCEPT) local dmz:10.1.1.30
(Of course10.1.1.30 is the dmx web server)
I checked both using a remote Openstack VM. And I'd previously used that OS VM
to check that port 80, 443, etc could get through my ISP to the
router/firewall, and they can. But port-forwarding simply does not work in the
router. I even tried the port 5000 mapped to 80 trick and no dice.
I turned off SELinux, and set aside my sysctl.conf security file, and no
better. I can reach the webserver in the dmz from the local LAN, so the
problem must be in port forwarding. There are no error messages in dmesg.
I've forwarded the dump to Tom.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
