Unable to Port Forward to a Virtual Machine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I have a Fedora (35) workstation with some VMs running on a virtual LAN and I want to open service(s) to the local Physical LAN. Goal is to make an HTTP service running on 192.168.122.11:80 visible to 192.168.1.* as 192.168.1.62:80

 

What am I missing!?!?

 

Office Network

192.168.1.*

192.168.1.62 Fedora Workstation IP

 

VirtD network
192.168.122.*

192.168.122.11 Virtual Machine IP

 

I have a script file as

firewall-cmd --add-service=http

 firewall-cmd \

  --add-forward-port=port=80:proto=tcp:toport=80:toaddr=192.168.122.11
firewall-cmd --add-masquerade
firewall-cmd --add-forward
firewall-cmd --add-port=80/tcp


and sysctll -p reports:

net.ipv4.ip_forward = 1

But when I attempt to get the service
wget http://192.168.1.62

 Connecting to 192.168.1.62:80... failed: Connection refused.

 

Although I can get the service directly
wget http://192.168.122.11
2023-07-11 15:33:04 (86.1 MB/s) - ‘index.html’ saved [612/612]

 

# This is the default target
[root@tesla setup]# firewall-cmd --list-all    
FedoraWorkstation (active)
 target: default
 icmp-block-inversion: no
 interfaces: wlp6s0
 sources:  
 services: dhcpv6-client http https mdns samba samba-client ssh
 ports: 1025-65535/udp 1025-65535/tcp 80/tcp 443/tcp
 protocols:  
 forward: yes
 masquerade: yes
 forward-ports:  
       port=80:proto=tcp:toport=80:toaddr=192.168.122.11
       port=443:proto=tcp:toport=443:toaddr=192.168.122.11
 source-ports:  
 icmp-blocks:  
 rich rules:

 

# And I'm pretty sure this is related - I've tried opening up everything I can think of:
[root@tesla setup]# firewall-cmd --list-all  --zone=libvirt        
libvirt (active)
 target: ACCEPT
 icmp-block-inversion: no
 interfaces: virbr0
 sources:  
 services: dhcp dhcpv6 dns ssh tftp
 ports: 1-65534/tcp
 protocols: icmp ipv6-icmp
 forward: yes
 masquerade: yes
 forward-ports:  
 source-ports:  
 icmp-blocks:  
 rich rules:

 

 

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux