My code has become as follows :
******
iptables -A POSTROUTING -t nat -p tcp --dport 25 -j MASQUERADE
iptables -A POSTROUTING -t nat -p tcp -s 192.168.0.42 -d 207.106.22.35 --dport 21 -j MASQUERADE
iptables -A POSTROUTING -t nat -p tcp -s 192.168.0.23 -d 207.106.22.35 --dport 21 -j MASQUERADE
iptables -A POSTROUTING -t nat -p tcp -s 192.168.0.42 -d 207.106.22.35 --dport 21 -j MASQUERADE
iptables -A POSTROUTING -t nat -p tcp -s 192.168.0.23 -d 207.106.22.35 --dport 21 -j MASQUERADE
iptables -t nat -A PREROUTING -p TCP --dport 80 -j REDIRECT --to-port 3128
*****
Is this O.K.
Thanks
George Vieira <georgev@xxxxxxxxxxxxxxxxxxxxxx> wrote:
You have not used MASQUERADE in your POSTROUTING rules or haven't showed it..iptables -A POSTROUTING -t nat -p tcp -s 192.168.0.42 -d 207.106.22.35 --dport 80 -j MASQUERADEiptables -A POSTROUTING -t nat -p tcp -s 192.168.0.23 -d 207.106.22.35 --dport 80 -j MASQUERADEwithout the rules above, the 192.168.0.XX packets leave the network out into the internet and eventually get dropped by some ISP...-----Original Message-----
From: netfilter-admin@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx]On Behalf Of ads nat
Sent: Wednesday, August 27, 2003 4:53 PM
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: SMTP HTTP port allowI am implimenting iptables for first time.I want to allow all my LAN users to send emails to SMTP (port no. 25) all destination with following code. :***iptables -A FORWARD -p tcp --dport 25 -j ACCEPT
***I also want to allow LAN users having ip 192.168.0.42 192.168.0.23 to upload contents to webserver on ip 207.106.22.35 (outside of LAN) with following code.***iptables -A FORWARD -p tcp -s 192.168.0.42 192.168.0.23 -d 207.106.22.35 --dport 80 -j ACCEPT***I would loke know whether It works or not.Tell me whether my code is O.K. also where can i check logs.Thanks
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
