I'm trying to do some simple tcp port forwarding
[root@wcmisdlin02 ~]# cat /proc/sys/net/ipv4/ip_forward
0
[root@wcmisdlin02 ~]# /bin/echo 1 > /proc/sys/net/ipv4/ip_forward
[root@wcmisdlin02 ~]# cat /proc/sys/net/ipv4/ip_forward
1
[root@wcmisdlin02 ~]# iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT esp -- anywhere anywhere
ACCEPT ah -- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT tcp -- anywhere anywhere tcp dpt:ipp
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:mysql
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:https
REJECT all -- anywhere anywhere
reject-with icmp-host-prohibited
[root@wcmisdlin02 ~]# iptables --table nat --append PREROUTING --proto
tcp --dport 80 --jump DNAT --to 10.52.208.223:80
[root@wcmisdlin02 ~]# iptables --table nat --list PREROUTING
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DNAT tcp -- anywhere anywhere tcp
dpt:http to:10.52.208.223:80
[root@wcmisdlin02 ~]# curl --verbose http://10.52.208.221:80
* About to connect() to 10.52.208.221 port 80
* Trying 10.52.208.221... Connection refused
* couldn't connect to host
* Closing connection #0
curl: (7) couldn't connect to host
[root@wcmisdlin02 ~]#
--
http://alexus.org/
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
