Re: Port forwarding

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dhyanesh Ramaiya wrote:
iptables -t nat -A PREROUTING -j DNAT -p tcp -d <public_ip> --dport 110 --to
<private_ip>:110
iptables -t nat -A PREROUTING -j DNAT -p tcp -d <public_ip> --dport 25 --to
<private_ip>:25

What happens, is that when I try to telnet port 25 or 110 from the router
itself, it doesn't connect and gives the error "Connection refused".
However, from any other machine on the network it connects. Thinking that
some firewall rules might be blocking the connection, the default policy of
all chains is set to accept.

Packets from the router itself do not go through the PREROUTING chain, so they aren't being NATed. You'll need to add similar NAT rules in the OUTPUT chain.

--
Philip Craig - philipc@xxxxxxxxxxxx - http://www.SnapGear.com
SnapGear - Custom Embedded Solutions and Security Appliances



[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux