iptables

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



I'm trying to do some simple tcp port forwarding

[root@wcmisdlin02 ~]# cat /proc/sys/net/ipv4/ip_forward
0
[root@wcmisdlin02 ~]# /bin/echo 1 > /proc/sys/net/ipv4/ip_forward
[root@wcmisdlin02 ~]# cat /proc/sys/net/ipv4/ip_forward
1
[root@wcmisdlin02 ~]# iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp any
ACCEPT     esp  --  anywhere             anywhere
ACCEPT     ah   --  anywhere             anywhere
ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp
ACCEPT     all  --  anywhere             anywhere            state
RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:mysql
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:https
REJECT     all  --  anywhere             anywhere
reject-with icmp-host-prohibited
[root@wcmisdlin02 ~]# iptables --table nat --append PREROUTING --proto
tcp --dport 80 --jump DNAT --to 10.52.208.223:80
[root@wcmisdlin02 ~]# iptables --table nat --list PREROUTING
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DNAT       tcp  --  anywhere             anywhere            tcp
dpt:http to:10.52.208.223:80
[root@wcmisdlin02 ~]# curl --verbose http://10.52.208.221:80
* About to connect() to 10.52.208.221 port 80
*   Trying 10.52.208.221... Connection refused
* couldn't connect to host
* Closing connection #0
curl: (7) couldn't connect to host
[root@wcmisdlin02 ~]#

-- 
http://alexus.org/
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux