iptables port forwarding

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



If you're doing true port forwarding, the internal server should see the 
ip address of the external machine in its logs.

This is how my machines log that do this,  I use this type of entry in 
iptables:

iptables -t nat -A PREROUTING -p tcp --dport 80 -i eth1 -j DNAT --to 
10.198.0.17

P.


Johnny Hughes wrote:

>On Thu, 2005-05-19 at 21:08 +0800, Mark Quitoriano wrote:
>  
>
>>i'm having a problem viewing logs on forwarded ports from the firewall
>>to another server, i forwarded mail(port 25) from the firewall to an
>>internal server. The problem is when i try to view the logs it just
>>shows the firewall ip as the sender and not the original sender.
>>
>>
>>    
>>
>In reality, the firewall may be making the connection to the internal
>server... and not the external machine.  Especially if the internal
>server is on a 192.168.x.x or 10.x.x.x network and you are connecting
>via NAT.  If that is the case, the external machine is connecting to the
>firewall and the firewall is connecting to the internal server.
>  
>
>------------------------------------------------------------------------
>
>_______________________________________________
>CentOS mailing list
>CentOS@xxxxxxxxxx
>http://lists.centos.org/mailman/listinfo/centos
>  
>

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux