Re: iptables question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Ward.P.Fontenot@xxxxxxxxxxxxxx wrote:
> I've added the following and it still isn't working
> 
> iptables -t nat -I PREROUTING -p tcp -m tcp --dport 8443 -j DNAT
> --to-destination 192.168.0.2:8443
> iptables -A FORWARD -d 192.168.0.1 -p tcp -m tcp --dport 8443 -j ACCEPT
> 
> I've enabled forwarding - not sure if it's needed but it's there just in
> case.

Yes, you do need forwarding enabled.

In that second rule, the match address should be 192.168.0.2 since the
translation has already been applied.  What does the rest of your
FILTER chain look like?  If the packet matches a REJECT rule prior
to reaching your ACCEPT rule, that will be the end of it.

-- 
Bob Nichols     "NOSPAM" is really part of my email address.
                 Do NOT delete it.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux