Dhyanesh Ramaiya wrote:
iptables -t nat -A PREROUTING -j DNAT -p tcp -d <public_ip> --dport 110 --to
<private_ip>:110
iptables -t nat -A PREROUTING -j DNAT -p tcp -d <public_ip> --dport 25 --to
<private_ip>:25
What happens, is that when I try to telnet port 25 or 110 from the router
itself, it doesn't connect and gives the error "Connection refused".
However, from any other machine on the network it connects. Thinking that
some firewall rules might be blocking the connection, the default policy of
all chains is set to accept.
Packets from the router itself do not go through the PREROUTING
chain, so they aren't being NATed. You'll need to add similar
NAT rules in the OUTPUT chain.
--
Philip Craig - philipc@xxxxxxxxxxxx - http://www.SnapGear.com
SnapGear - Custom Embedded Solutions and Security Appliances
