Still not working.. Does anyone have a step by step howto on this? -- thanks, louie miranda ----- Original Message ----- From: "John Davey" <list@davey.net.au> To: "louie miranda" <lmiranda@chikka.com>; <netfilter@lists.samba.org> Cc: "Rasmus Bøg Hansen" <moffelist@amagerkollegiet.dk> Sent: Monday, February 24, 2003 9:23 PM Subject: RE: Forwarding problem, :( port redirection! > Your FORWARD rule is still wrong. It's already been DNAT'd so forward it > to the IP thats on the box..ie 10.0.0.11 > > panic:/# iptables -A FORWARD -i eth0 -o eth1 -p tcp -d \ > 10.0.0.11 --dport 21 -j ACCEPT > > Also your firewall is on panic so NONE of the rules you have listed are even > used. When you telnet from panic to 10.0.0.11. > > http://www.netfilter.org/documentation/index.html#HOWTO > > > > -----Original Message----- > From: netfilter-admin@lists.netfilter.org > [mailto:netfilter-admin@lists.netfilter.org]On Behalf Of louie miranda > Sent: Monday, 24 February 2003 7:02 PM > To: netfilter@lists.samba.org > Cc: Rasmus Bøg Hansen > Subject: Re: Forwarding problem, :( port redirection! > > > panic:/# iptables -t nat -A PREROUTING -i eth0 -p tcp -d > 203.190.72.108 --dport 21 -j DNAT --to 10.0.0.11:21 > panic:/# iptables -A FORWARD -i eth0 -o eth1 -p tcp -d > 203.190.72.108 --dport 21 -j ACCEPT > panic:/# telnet 203.190.72.108 21 > Trying 203.190.72.108... > telnet: Unable to connect to remote host: Connection refused > panic:/# telnet 10.0.0.11 21 > Trying 10.0.0.11... > Connected to 10.0.0.11. > Escape character is '^]'. > 220 Dynu FTP Server (Version 1.13) > ^] > telnet> q > Connection closed. > panic:/# telnet 203.190.72.108 21 > Trying 203.190.72.108... > telnet: Unable to connect to remote host: Connection refused > panic:/# > > Still no success! :( > > > > -- > thanks, > louie miranda > > > ----- Original Message ----- > From: "Rasmus Bøg Hansen" <moffelist@amagerkollegiet.dk> > To: "louie miranda" <lmiranda@chikka.com> > Cc: <netfilter@lists.samba.org> > Sent: Monday, February 24, 2003 4:25 PM > Subject: Re: Forwarding problem, :( port redirection! > > > On Mon, 24 Feb 2003, louie miranda wrote: > > > Im trying just to forward simple ftp, 21 request into my internal machine. > > Im typing this but it does not work.. > > > iptables -t nat -A PREROUTING -i eth0 -p tcp -d 10.0.0.11 --dport 21 -j > > DNAT --to 203.190.72.108:21 > > iptables -A FORWARD -i eth0 -o eth1 -p tcp -d 203.190.72.108 --dport 21 -j > > ACCEPT > > Are you *sure* of those IP's? 10.0.0.11 is a private IP and is unusable > on the internet - however your rules state that 10.0.0.11 is located on > the internet. I'm pretty sure, you need to exchange the global and local > IP. > > /Rasmus > > -- > -- [ Rasmus "Møffe" Bøg Hansen ] --------------------------------------- > Drink wet cement: Get Stoned. > ----------------------------------[ moffe at amagerkollegiet dot dk ] -- > > > > > >
