Hello to all,

I write here after having tried to find the solution to this for about 3 days and still no luck. Let me explain the setup:

                              eth0   eth1
    10.0.1.200          10.0.1.192   10.0.10.2                10.0.10.1
    |______________________________|__________________________________|
    A                              B                                  C

So 3 boxes, A, B and C. On C there is a web server, running on port 80. I want to be able to access it through B from A. So basically the ruleset should be on B: if it's port 80, forward to port 80 on C.

I have tried these:

    iptables -t nat -A PREROUTING -p tcp -d 10.0.1.200 --dport 80 -j DNAT --to 10.0.10.1:80
    iptables -t nat -A POSTROUTING -d 10.0.10.1 -j MASQUERADE

No luck. Using iptables -t nat -nvL I saw that the first rule did match, since the number of packets went up, but I still can't see the web server.

I also tried this:

    iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.10.1:80
    iptables -A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT

It did not work. Any help would be appreciated. Thank you in advance,

Charles.

BTW: a little more bg info. This is a box in which I'm implementing a Single Packet Authentication system, so the INPUT table's default policy is drop; also I have a user-created table called SPA which is called upon as the first rule of INPUT. For the sake of the forwarding experiment I flushed all tables and put the policy on accept, but bear in mind that I will need to use that type of restrictive ruleset.

Thank you.

--
Charz