You
have not used MASQUERADE in your POSTROUTING rules or haven't showed
it..
iptables -A POSTROUTING -t nat
-p tcp -s 192.168.0.42 -d 207.106.22.35
--dport 80 -j MASQUERADE
iptables -A POSTROUTING -t nat -p tcp -s 192.168.0.23 -d 207.106.22.35 --dport 80 -j
MASQUERADE
without the rules above, the 192.168.0.XX packets leave the network out
into the internet and eventually get dropped by some ISP...
-----Original Message-----
From: netfilter-admin@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx]On Behalf Of ads nat
Sent: Wednesday, August 27, 2003 4:53 PM
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: SMTP HTTP port allow
From: netfilter-admin@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx]On Behalf Of ads nat
Sent: Wednesday, August 27, 2003 4:53 PM
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: SMTP HTTP port allow
I am implimenting iptables for first time.
I want to allow all my LAN users to send emails to SMTP (port no.
25) all destination with following code. :
***
iptables -A FORWARD -p tcp --dport 25 -j ACCEPT
***
I also want to allow LAN users having ip 192.168.0.42 192.168.0.23 to
upload contents to webserver on ip 207.106.22.35 (outside of LAN) with
following code.
***
iptables -A FORWARD -p tcp -s 192.168.0.42 192.168.0.23 -d 207.106.22.35
--dport 80 -j ACCEPT
***
I would loke know whether It works or not.
Tell me whether my code is O.K. also where can i check logs.
Thanks
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
