Find the answer to your Linux question:
Results 1 to 10 of 10
Well I am pretty new to NAT/Portforwading/Netmasks And I have no idea what I do wrong now. I want to Forward port 5911 to port 5901 So I use IPTables: ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Engineer RobinVossen's Avatar
    Join Date
    Aug 2007
    Location
    The Netherlands
    Posts
    1,429

    Portforwarding (Newb)


    Well I am pretty new to NAT/Portforwading/Netmasks
    And I have no idea what I do wrong now.
    I want to Forward port 5911 to port 5901
    So I use IPTables:
    Code:
    iptables -t nat -A POSTROUTING -p tcp -d 192.168.42.112 --dport 5911 -j DNAT --to 192.168.1.11:5901
    And Ill get DNAT target: bad hook_mask 16. So I thought, lets check that out..
    So I googled for "DNAT taarget: bad hook_mask 16"
    Bad luck.
    SO I checked again on the internet and I just cant put my finger on this.
    HOW can I tunnel one port to another using iptables.
    I can do It with netcat. but thats pretty unrelayable. (Unstable)
    Cheers,
    Robin


    Edit:
    Ok It resolved now (the command):
    $IPTABLES -t nat -I PREROUTING -p tcp -i $EXTIF --dport 6346 -j DNAT --to 192.168.0.2:6346 (Example)
    but, It doesnt work.
    When I point my browser to the iptables box it doesnt work

    When I do iptables -L -t nat Ill get
    Code:
    Chain PREROUTING (policy ACCEPT)
    target prot opt source destination
    DNAT tcp -- anywhere 192.168.42.112 tcp dpt:www to:192.168.1.10:80
    New Users, please read this..
    Google first, then ask..

  2. #2
    Linux Engineer RobinVossen's Avatar
    Join Date
    Aug 2007
    Location
    The Netherlands
    Posts
    1,429
    Ok, well if I do: iptables -L -t nat now Ill get:
    Code:
    target prot opt source destination
    DNAT tcp -- anywhere 192.168.42.112 tcp dpt:www to:192.168.1.10:80
    DNAT tcp -- anywhere anywhere tcp dpt:www to:192.168.1.10:80
    DNAT tcp -- anywhere anywhere tcp dpt:www to:192.168.1.10:80
    But still Port 80 isnt beeing send right..
    Since I still cant call the Website on that PC.
    New Users, please read this..
    Google first, then ask..

  3. #3
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    Quote Originally Posted by RobinVossen View Post
    Well I am pretty new to NAT/Portforwading/Netmasks
    And I have no idea what I do wrong now.
    I want to Forward port 5911 to port 5901
    So I use IPTables:
    Code:
    iptables -t nat -A POSTROUTING -p tcp -d 192.168.42.112 --dport 5911 -j DNAT --to 192.168.1.11:5901
    This would be the correct way of doing that
    Code:
    ptables -t nat -A PREROUTING -p tcp -d 192.168 42.112 --dport 5911 -j DNAT --to-destination 192.168.42.122:5901
    Another question I have is if this connection is stopping at the firewall box?
    If it is 'yes' then you need to REDIRECT it and not DNAT and tyhat would look like this:
    Code:
    iptables -t nat -A PREROUTING -p tcp --dport 5911 -j REDIRECT --to-ports 5901

    Here is a GREAT! Iptables Tutorial
    http://iptables.rlworkman.net/chunkyhtml/index.html

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  4. #4
    Linux Engineer RobinVossen's Avatar
    Join Date
    Aug 2007
    Location
    The Netherlands
    Posts
    1,429
    Ive read that.
    And I did get a good -L output.

    But, well I just dont really get it.
    THanks though..

    Cheers,
    Robin
    New Users, please read this..
    Google first, then ask..

  5. #5
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    What don't you get? The difference between REDIRECT and DNAT? Or something else?

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  6. #6
    Linux Engineer RobinVossen's Avatar
    Join Date
    Aug 2007
    Location
    The Netherlands
    Posts
    1,429
    I gont get why I have at the -L that I do get that is redirrected.
    When its not..
    New Users, please read this..
    Google first, then ask..

  7. #7
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    can you post the complete file not the -L output. I read files a lot easier then I do that outputs from -L.
    Maybe then I can see where your problem is.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  8. #8
    Linux Engineer RobinVossen's Avatar
    Join Date
    Aug 2007
    Location
    The Netherlands
    Posts
    1,429
    The file is the /etc/filewall.rules file?
    Umm, I can try.
    Since its on a box without ANY kind of Firetransfer so I have to write the file over.
    Ill do that today at work if I have spare time
    New Users, please read this..
    Google first, then ask..

  9. #9
    Just Joined!
    Join Date
    Aug 2007
    Posts
    2
    can u help me to connect myself in internet using my fc6

  10. #10
    Linux Engineer RobinVossen's Avatar
    Join Date
    Aug 2007
    Location
    The Netherlands
    Posts
    1,429
    Quote Originally Posted by hemel View Post
    can u help me to connect myself in internet using my fc6
    Yea we can but you have to make a Thread.
    We will not tolerate Thread Hijacking.
    Make a Thread describing your problem and we'll help you

    Cheers,
    Robin
    New Users, please read this..
    Google first, then ask..

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •