On Monday 28 June 2004 11:18 am, Gunnar Frödin wrote:

> Ok about the split DNS, I'm new at this (Linux) but I think I know, but if
> you have the time, some more info would be good, there is a DNS on
> 192.168.0.100

Is that DNS server providing responses to internal clients only, or to external clients as well (in which case, how have you done the DNAT rules for that one!?)

> The real problem is that the port forwarding does not work at all !!!

What, not even from the outside?

Hm. The ruleset you posted looked sensible enough. Two questions then:

1. Is the public address 217.215.x.x which you are using as the original destination in your DNAT rule bound to the external interface (eth0) of the firewall?

2. What do the packet counts for the appropriate rules show from "iptables -L FORWARD -nvx; iptables -L PREROUTING -t nat -nvx"?

The packet counts should show us whether packets are:

a) arriving
b) getting DNATted
c) being FORWARDed
d) getting replies

Regards,

Antony.

--
Ramdisk is not an installation procedure.

Please reply to the list; please don't CC me.
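The counter check requested in the message above, as an added example that is not part of the original post: it parses the two `-nvx` listings and maps the packet counts onto stages a) to d). The listings, the addresses 203.0.113.10 and 192.168.0.10, port 80, the internal interface name eth1 and every counter value are constructed samples, not the poster's ruleset.

```python
# Added example: read the counters from constructed `iptables -nvx` listings.
# Addresses, port, eth1 and all counter values below are constructed samples.
NAT_PREROUTING = """\
Chain PREROUTING (policy ACCEPT 40 packets, 2400 bytes)
    pkts      bytes target     prot opt in     out     source               destination
       6      360 DNAT       tcp  --  eth0   *       0.0.0.0/0            203.0.113.10         tcp dpt:80 to:192.168.0.10:80
"""
FORWARD = """\
Chain FORWARD (policy DROP 3 packets, 180 bytes)
    pkts      bytes target     prot opt in     out     source               destination
      18     1080 ACCEPT     tcp  --  eth0   eth1    0.0.0.0/0            192.168.0.10         tcp dpt:80
       0        0 ACCEPT     all  --  eth1   eth0    0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
"""

def parse_rules(listing):
    """Return one dict per rule line of an `iptables -L <chain> -nvx` listing."""
    rules = []
    for line in listing.splitlines():
        f = line.split()
        # Rule lines start with two exact integers (pkts, bytes, thanks to -x).
        if len(f) < 9 or not (f[0].isdigit() and f[1].isdigit()):
            continue  # chain header or column header
        rules.append({"pkts": int(f[0]), "bytes": int(f[1]), "target": f[2],
                      "prot": f[3], "in": f[5], "out": f[6],
                      "src": f[7], "dst": f[8], "extra": " ".join(f[9:])})
    return rules

def diagnose(nat_listing, fwd_listing, ext_if="eth0", int_if="eth1"):
    """Map the counters onto stages a) to d) from the message above."""
    nat, fwd = parse_rules(nat_listing), parse_rules(fwd_listing)
    # nat rules only see the first packet of a connection, so dnat < forwarded is normal.
    dnat = sum(r["pkts"] for r in nat if r["target"] == "DNAT" and r["in"] == ext_if)
    inbound = sum(r["pkts"] for r in fwd if r["target"] == "ACCEPT"
                  and r["in"] == ext_if and r["out"] == int_if)
    replies = sum(r["pkts"] for r in fwd if r["target"] == "ACCEPT"
                  and r["in"] == int_if and r["out"] == ext_if)
    if dnat == 0:
        verdict = "no packet matched the DNAT rule (not arriving, or not DNATted)"
    elif inbound == 0:
        verdict = "DNATted but not FORWARDed"
    elif replies == 0:
        verdict = "FORWARDed but no replies"
    else:
        verdict = "replies are coming back"
    return {"dnat": dnat, "forwarded": inbound, "replies": replies, "verdict": verdict}

if __name__ == "__main__":
    print(diagnose(NAT_PREROUTING, FORWARD))
```

On a live firewall the two strings would be the output of the commands quoted in the message, captured before and after a connection attempt from outside so that the change in each counter is visible.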