Portforwarding (Newb)

**RobinVossen** · 11-23-2007

Well I am pretty new to NAT/Portforwading/Netmasks
And I have no idea what I do wrong now.
I want to Forward port 5911 to port 5901
So I use IPTables:

Code:

iptables -t nat -A POSTROUTING -p tcp -d 192.168.42.112 --dport 5911 -j DNAT --to 192.168.1.11:5901

And Ill get DNAT target: bad hook_mask 16. So I thought, lets check that out..
So I googled for "DNAT taarget: bad hook_mask 16"
Bad luck.
SO I checked again on the internet and I just cant put my finger on this.
HOW can I tunnel one port to another using iptables.
I can do It with netcat. but thats pretty unrelayable. (Unstable)
Cheers,
Robin

Edit:
Ok It resolved now (the command):
$IPTABLES -t nat -I PREROUTING -p tcp -i $EXTIF --dport 6346 -j DNAT --to 192.168.0.2:6346 (Example)
but, It doesnt work.
When I point my browser to the iptables box it doesnt work

When I do iptables -L -t nat Ill get

Code:

Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DNAT tcp -- anywhere 192.168.42.112 tcp dpt:www to:192.168.1.10:80

**RobinVossen** · 11-26-2007

Ok, well if I do: iptables -L -t nat now Ill get:

Code:

target prot opt source destination
DNAT tcp -- anywhere 192.168.42.112 tcp dpt:www to:192.168.1.10:80
DNAT tcp -- anywhere anywhere tcp dpt:www to:192.168.1.10:80
DNAT tcp -- anywhere anywhere tcp dpt:www to:192.168.1.10:80

But still Port 80 isnt beeing send right..
Since I still cant call the Website on that PC.

**Lazydog** · 11-26-2007

Originally Posted by RobinVossen

Well I am pretty new to NAT/Portforwading/Netmasks
And I have no idea what I do wrong now.
I want to Forward port 5911 to port 5901
So I use IPTables:

Code:

iptables -t nat -A POSTROUTING -p tcp -d 192.168.42.112 --dport 5911 -j DNAT --to 192.168.1.11:5901

This would be the correct way of doing that

Code:

ptables -t nat -A PREROUTING -p tcp -d 192.168 42.112 --dport 5911 -j DNAT --to-destination 192.168.42.122:5901

Another question I have is if this connection is stopping at the firewall box?
If it is 'yes' then you need to REDIRECT it and not DNAT and tyhat would look like this:

Code:

iptables -t nat -A PREROUTING -p tcp --dport 5911 -j REDIRECT --to-ports 5901

Here is a GREAT! Iptables Tutorial
http://iptables.rlworkman.net/chunkyhtml/index.html

**RobinVossen** · 11-26-2007

Ive read that.
And I did get a good -L output.

But, well I just dont really get it.
THanks though..

Cheers,
Robin

**Lazydog** · 11-27-2007

What don't you get? The difference between REDIRECT and DNAT? Or something else?

**RobinVossen** · 11-28-2007

I gont get why I have at the -L that I do get that is redirrected.
When its not..

**Lazydog** · 11-28-2007

can you post the complete file not the -L output. I read files a lot easier then I do that outputs from -L.
Maybe then I can see where your problem is.

**RobinVossen** · 11-29-2007

The file is the /etc/filewall.rules file?
Umm, I can try.
Since its on a box without ANY kind of Firetransfer so I have to write the file over.
Ill do that today at work if I have spare time

**hemel** · 11-29-2007

can u help me to connect myself in internet using my fc6

**RobinVossen** · 11-29-2007

Originally Posted by hemel

can u help me to connect myself in internet using my fc6

Yea we can but you have to make a Thread.
We will not tolerate Thread Hijacking.
Make a Thread describing your problem and we'll help you

Cheers,
Robin

Thread Tools

Display

Portforwarding (Newb)

Posting Permissions