Re: Not forwarding?

It works once I ran this:

iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 22 -j DNAT --to 192.168.0.2:22

Why did I need that? Do I still need my other rules (in my filter - forward chain)?

On Mon, 29 Mar 2004 15:51:47 -0400,
Someone named Cody Harris <hchs@xxxxxxxxxxxxxxx> wrote:

> It didn't work. I'm getting somebody on my ISP to test it (offsite). The firewall IPs are: 10.30.7.147 for net (my ISP nats it) and 192.168.0.1 and my box I want to forward to is 192.168.0.2. It still doesn't work. Here's an updated ruleset:
> 
> 
> Chain INPUT (policy ACCEPT 3787 packets, 1815K bytes)
>  pkts bytes target     prot opt in     out     source               destination
>     0     0 DROP       tcp  --  eth0   any     anywhere             anywhere           tcp dpt:10000
>     0     0 DROP       tcp  --  eth0   any     anywhere             anywhere           tcp dpt:631
>     3   144 DROP       tcp  --  eth0   any     anywhere             anywhere           tcp dpt:http
>     0     0 DROP       tcp  --  eth0   any     anywhere             anywhere           tcp dpt:smtp
>     0     0 DROP       tcp  --  eth0   any     anywhere             anywhere           tcp dpt:ftp
>     0     0 ACCEPT     icmp --  eth0   any     anywhere             anywhere           icmp echo-reply
>     0     0 ACCEPT     icmp --  eth0   any     anywhere             anywhere           icmp destination-unreachable
>     0     0 ACCEPT     icmp --  eth0   any     anywhere             anywhere           icmp redirect
>     0     0 ACCEPT     icmp --  eth0   any     anywhere             anywhere           icmp echo-request
>     0     0 ACCEPT     icmp --  eth0   any     anywhere             anywhere           icmp time-exceeded
>     0     0 DROP       icmp --  eth0   any     anywhere             anywhere
> 
> Chain FORWARD (policy DROP 36 packets, 2291 bytes)
>  pkts bytes target     prot opt in     out     source               destination
>     0     0 ACCEPT     all  --  any    any     anywhere             anywhere           state RELATED,ESTABLISHED
>     0     0 ACCEPT     tcp  --  any    any     192.168.0.2          anywhere           tcp dpt:ssh
> 
> Chain OUTPUT (policy ACCEPT 3996 packets, 585K bytes)
>  pkts bytes target     prot opt in     out     source               destination
> 
> 
> 
> -- 
> +------------------+-----------------------------+
> | Cody Harris      | --------------------------- |
> | ---------------- | --------------------------- |
> +------------------+-------+---------------------+---+
> | *Sigh*. No key.                                    |
> +----------------------------------------------------+
> 


-- 
+------------------+-----------------------------+
| Cody Harris      | --------------------------- |
| ---------------- | --------------------------- |
+------------------+-------+---------------------+---+
| *Sigh*. No key.                                    |
+----------------------------------------------------+
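
Added example (not part of the original message): a simplified Python model of the packet path the question asks about. It shows the DNAT rule in PREROUTING moving the connection from INPUT to FORWARD, where the chain's DROP policy still requires a matching ACCEPT rule. The client address 203.0.113.5 and the destination-based FORWARD rule are assumptions.

```python
# Added example: a simplified model of the netfilter path taken by one inbound
# TCP SYN. Addresses are from the thread; the client 203.0.113.5 is constructed.
FIREWALL_ADDRS = {"10.30.7.147", "192.168.0.1"}

def prerouting(pkt, dnat_rules):
    """nat/PREROUTING: the first matching DNAT rule rewrites the destination."""
    for rule in dnat_rules:
        if pkt["in"] == rule["in"] and pkt["dport"] == rule["dport"]:
            return {**pkt, "dst": rule["to"], "dport": rule["to_port"]}
    return pkt

def matches(pkt, match):
    """A rule matches when every field it names holds one of its allowed values."""
    return all(pkt[field] in allowed for field, allowed in match.items())

def traverse(pkt, dnat_rules, forward_rules, forward_policy="DROP"):
    """Return the filter chain that sees the packet, plus the FORWARD verdict."""
    pkt = prerouting(pkt, dnat_rules)
    # The routing decision happens after PREROUTING: a destination that is still
    # one of the firewall's own addresses is delivered locally via INPUT.
    if pkt["dst"] in FIREWALL_ADDRS:
        return "INPUT"
    for match, target in forward_rules:
        if matches(pkt, match):
            return "FORWARD:" + target
    return "FORWARD:" + forward_policy

SYN = {"in": "eth0", "src": "203.0.113.5", "dst": "10.30.7.147",
       "dport": 22, "state": "NEW"}
# The rule from the message: -i eth0 --dport 22 -j DNAT --to 192.168.0.2:22
DNAT = [{"in": "eth0", "dport": 22, "to": "192.168.0.2", "to_port": 22}]
STATEFUL = ({"state": {"RELATED", "ESTABLISHED"}}, "ACCEPT")
# FORWARD chain as printed in the quoted listing (second rule matches on source).
FORWARD_LISTED = [STATEFUL, ({"src": {"192.168.0.2"}, "dport": {22}}, "ACCEPT")]
# Hypothetical variant: match the post-DNAT destination instead.
FORWARD_BY_DST = [STATEFUL, ({"dst": {"192.168.0.2"}, "dport": {22}}, "ACCEPT")]

if __name__ == "__main__":
    for label, dnat, fwd in [("no DNAT", [], FORWARD_LISTED),
                             ("DNAT, listed FORWARD", DNAT, FORWARD_LISTED),
                             ("DNAT, dst-based FORWARD", DNAT, FORWARD_BY_DST)]:
        print(f"{label:26} -> {traverse(SYN, dnat, fwd)}")
```

The model covers only destination rewriting, the routing decision and first-match rule evaluation; it does not model connection tracking beyond the state label carried on the packet.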

