iptables

Mike Kirk mike.kirk-rieW9WUcm8FFJ04o6PK0Fg at public.gmane.org
Sat Nov 8 11:58:08 UTC 2003


> iptables -t nat -A PREROUTING -p tcp -i eth0 -d 192.168.0.1 --dport 8888 -j dnat --to 192.168.0.66:8888
>
> iptables -A FORWARD -p tcp -i eth0 -d 192.168.0.66 --dport 8888 -j ACCEPT
>
> I'm using coyote linux firewall and figured it to be as easy as forwarding a
> port but no luck.

I use something like this:

iptables -t nat -A PREROUTING -i ${INTERNET} -p tcp --dport 6346 -j DNAT --to-dest 192.168.0.27
iptables -A FORWARD -i ${INTERNET} -o ${INSIDE} -p tcp -d 192.168.0.27 --dport 6346 -j ACCEPT

Since I'm not also redirecting the port my first line doesn't have the port
on the end of the "to" address (which I guess may be valid anyways) and my
2nd line specifically has an output "-o" because of multiple interfaces, but
I don't know if you need it as well.

Does the internal machine already work with NAT through your router (i.e.
can you web browse with it?).

Maybe try stripping the port from "to" on your first line and just rely on
the "--dport" in your second line to handle the port?

Good luck!

  Mike

--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
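
Added example, not part of the original message: a small Python check that each DNAT rule has a FORWARD ACCEPT rule for the address and port the packet carries after translation (the nat PREROUTING chain runs before the filter FORWARD chain, so FORWARD sees the rewritten destination). The sample rule sets are constructed, eth0/eth1 are assumed stand-ins for ${INTERNET}/${INSIDE}, and the check assumes one rule per line and compares only exact addresses and ports.

```python
import shlex

# Spellings accepted here for the DNAT destination option (iptables accepts
# unambiguous abbreviations of long options, e.g. --to-dest).
TO_OPTS = ("--to", "--to-dest", "--to-destination")

def parse_rule(line):
    """Parse one 'iptables ...' command line into a dict of the fields we check."""
    tok = shlex.split(line)
    rule = {"table": "filter"}  # filter is the default table when -t is absent
    names = {"-t": "table", "-A": "chain", "-j": "target", "-d": "dst",
             "-i": "in", "-o": "out", "-p": "proto", "--dport": "dport"}
    for opt, val in zip(tok, tok[1:]):
        if opt in names:
            rule[names[opt]] = val
        elif opt in TO_OPTS:
            rule["to"] = val
    return rule

def translated_dest(rule):
    """(ip, port) the packet carries after DNAT, i.e. what FORWARD sees."""
    ip, _, port = rule["to"].partition(":")
    return ip, port or rule.get("dport")  # no port in --to: port is unchanged

def unmatched_dnat(lines):
    """Return translated (ip, port) pairs with no matching FORWARD ACCEPT."""
    rules = [parse_rule(l) for l in lines]
    accepts = {(r.get("dst"), r.get("dport")) for r in rules
               if r["table"] == "filter" and r.get("chain") == "FORWARD"
               and r.get("target") == "ACCEPT"}
    return [translated_dest(r) for r in rules
            if r["table"] == "nat" and r.get("target") == "DNAT"
            and translated_dest(r) not in accepts]

# Constructed sample: same-port forward, as in the reply above.
SAME_PORT = [
    "iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 6346 -j DNAT --to-dest 192.168.0.27",
    "iptables -A FORWARD -i eth0 -o eth1 -p tcp -d 192.168.0.27 --dport 6346 -j ACCEPT",
]
# Constructed sample: port rewritten 8888 -> 80, FORWARD still matches 8888.
REMAPPED = [
    "iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 8888 -j DNAT --to 192.168.0.66:80",
    "iptables -A FORWARD -i eth0 -p tcp -d 192.168.0.66 --dport 8888 -j ACCEPT",
]

if __name__ == "__main__":
    print("same port:", unmatched_dnat(SAME_PORT))
    print("remapped: ", unmatched_dnat(REMAPPED))
```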




