Hi there again...
Here's my changed rule:
-------
echo "Borrando posibles reglas anteriores..."
iptables -F
iptables -X
echo "Habilitando politicas de negacion total de paquetes"
iptables -P FORWARD DROP
iptables -P INPUT DROP
echo "Reglas para paquetes de entrada y salida"
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
#iptables -A INPUT -p tcp --dport 21 -j ACCEPT
iptables -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
##internas
iptables -A INPUT -i eth0 -p tcp --dport 143 -j ACCEPT
iptables -A INPUT -i lo -p tcp --dport 143 -j ACCEPT
iptables -A INPUT -p tcp --dport 3306 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 110 -j ACCEPT
#para el forward
echo 0 > /proc/sys/net/ipv4/ip_forward
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -d 192.168.0.2 -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -d 10.73.219.156 -p 6 --dport 8080 \
-j DNAT --to-destination 192.168.0.2:80
echo 1 > /proc/sys/net/ipv4/ip_forward
-------
and after I executed this, here's my nmap output
-------
root@mail:~# nmap 10.73.219.156
(The 1652 ports scanned but not shown below are in state: filtered)
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
143/tcp open imap
3306/tcp open mysql
--------
Should I show something else? for what I know, it should be forwarding
packets but is not... port 8080 is not open as nmap shows, any
suggestions?
Thanks a lot as usual...
Juan
