Noah, add "-t nat" before the "-A ..." Iptables defaults to the filter table so you need to tell it to use the nat table. HTH, Harry Quoting Noah <admin2@xxxxxxxxxxx>: *> *> *> redhat-8.0 *> iptrables 1.2.8 *> *> *> hi there, *> *> trying to get iptables runnign properly and taking some config advice from *> the *> Haxial website but Having a bit of difficulty getitng iptables working *> properly: *> *> this is a snip from the config file: *> *> --- snip --- *> *> PORTFWIP="192.168.1.69" *> *> $IPTABLES -A PREROUTING -i $EXTIF -p tcp --dport 10800 -j DNAT *> --to-destination $PORTFWIP:10800 *> $IPTABLES -A PREROUTING -i $EXTIF -p udp --dport 10800 -j DNAT *> --to-destination $PORTFWIP:10800 *> $IPTABLES -A PREROUTING -i $EXTIF -p tcp --dport 10700 -j DNAT *> --to-destination $PORTFWIP:10700 *> $IPTABLES -A PREROUTING -i $EXTIF -p tcp --dport 10600 -j DNAT *> --to-destination $PORTFWIP:10600 *> *> -- snip ---- *> *> here are the errors *> *> --- snip --- *> *> *> Enabling forwarding.. *> Clearing any existing rules and setting default policy.. *> FWD: Allow all connections OUT and only existing and related ones IN *> Enabling SNAT (MASQUERADE) functionality on eth0 *> iptables: No chain/target/match by that name *> iptables: No chain/target/match by that name *> iptables: No chain/target/match by that name *> iptables: No chain/target/match by that name *> *> Done. *> *> --- snip --- *> *> the forwarding of port 10600, 10700, 10800 to 192.168.1.69 is not happening *> - *> what am I doing wrong? *> *> *> --- snip --- *> *> # iptables -L *> Chain INPUT (policy ACCEPT) *> target prot opt source destination *> *> Chain FORWARD (policy DROP) *> target prot opt source destination *> ACCEPT all -- anywhere anywhere state *> RELATED,ESTABLISHED *> ACCEPT all -- anywhere anywhere *> LOG all -- anywhere anywhere LOG level *> warning *> *> Chain OUTPUT (policy ACCEPT) *> target prot opt source destination *> *> ---- snip --- *> *> *> - Noah *> *> *> -- *> redhat-list mailing list *> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe *> https://www.redhat.com/mailman/listinfo/redhat-list *> -- Harry Hoffman hhoffman@xxxxxxxxxxxxxxxx ---------------------------------------------------------------------------------- radical: 1) Someone waiting in line to become "The Establishment" ------------------------------------------------- This mail sent through IpSolutions: http://www.ip-solutions.net/ -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
