Re: what's the problem of DNAT

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

> Any other rules in PREROUTING on port 80?
>
> iptables-save -t nat

-A PREROUTING -d Inet1 -p tcp -m tcp --dport 6100 -j DNAT
--to-destination 192.168.16.21:6100
-A PREROUTING -d Inet1 -p tcp -m tcp --dport 80 -j DNAT
--to-destination 192.168.16.114:80
-A PREROUTING -d Inet1 -p tcp -m tcp --dport 20 -j DNAT
--to-destination 192.168.16.114:20
-A PREROUTING -d Inet1 -p tcp -m tcp --dport 8081 -j DNAT
--to-destination 192.168.16.100:8081
-A PREROUTING -d Inet1 -p tcp -m tcp --dport 8082 -j DNAT
--to-destination 192.168.16.100:8082
-A PREROUTING -d Inet1 -p tcp -m tcp --dport 8085 -j DNAT
--to-destination 192.168.16.100:8085
-A PREROUTING -d Inet1 -p tcp -m tcp --dport 8083 -j DNAT
--to-destination 192.168.16.100:8083
-A PREROUTING -d Inet1 -p tcp -m tcp --dport 8087 -j DNAT
--to-destination 192.168.16.100:8087

these are the rules in PREROUTING. the Inet1 replaced for the   
internet address. Now it only can connect to Inet1:80 through the
internet. and others like :Inet1:8083 can't be accessed.
    It worked months ago . but now it don't work anyway
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux