  1. #1
    Just Joined!
    Join Date
    Apr 2008
    Location
    Catalonia
    Posts
    35

    iptables: redirect eMule ports


    Hello,

    I'm setting up a public services subnetwork and I need some help with iptables. This is what I manage:

    Firewall (Debian 4.0r3) with 3 NICs:

    eth0 NET, interface "INET", subnet 192.168.3.0/24, connected to a DSL router pointed by a public static IP address.
    eth1 DMZ, interface "IDMZ", subnet 192.168.2.0/24, only one machine
    eth2 LOC, interface "ILOC", subnet 192.168.1.0/24 (XLOC)

    The default policy for INPUT, OUTPUT, FORWARD chains (and PRE/POST-ROUTING) is DROP.

    The firewall masquerades all that comes from LOC and DMZ subnets going to the Internet.

    I'm having problems with eMule port redirection to a machine in the local network. This is the related portion of the ruleset:

    Code:
    iptables -t nat -A PREROUTING -i $INET -p tcp --dport 4662 -j DNAT --to-destination $MACHINE:4662
    iptables -t nat -A PREROUTING -i $INET -p tcp --dport 4672 -j DNAT --to-destination $MACHINE:4672
    iptables -t nat -A PREROUTING -i $INET -p tcp --dport 4665 -j DNAT --to-destination $MACHINE:4665
    
    iptables -A FORWARD -i $ILOC -o $INET -m state --state NEW,ESTABLISHED,RELATED -p tcp --dport 4662 -j ACCEPT
    iptables -A FORWARD -i $INET -o $ILOC -m state --state ESTABLISHED,RELATED -p tcp --sport 4662 -j ACCEPT
    
    iptables -A FORWARD -i $ILOC -o $INET -m state --state NEW,ESTABLISHED,RELATED -p tcp --dport 4672 -j ACCEPT
    iptables -A FORWARD -i $INET -o $ILOC -m state --state ESTABLISHED,RELATED -p tcp --sport 4672 -j ACCEPT
    
    iptables -A FORWARD -i $ILOC -o $INET -m state --state NEW,ESTABLISHED,RELATED -p tcp --dport 4665 -j ACCEPT
    iptables -A FORWARD -i $INET -o $ILOC -m state --state ESTABLISHED,RELATED -p tcp --sport 4665 -j ACCEPT

    Even though simple, it does not work (I continue having LowID). Some help please.

  2. #2
    Just Joined!
    Join Date
    Apr 2008
    Location
    Catalonia
    Posts
    35
    Errata: transcription error. 4672 & 4665 are UDP; this is how I actually have it configured.
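
An added example, not part of the original thread: with a default-DROP FORWARD policy, a DNAT rule only takes effect if some FORWARD rule accepts the first (state NEW) packet arriving on the same interface for the translated port. The Python check below runs over a constructed copy of the posted rules (erratum applied) and lists the DNAT targets that have no such rule; `parse`, `unreachable_dnat` and the `FIXED` rules are hypothetical, and the parser assumes every option takes exactly one argument.

```python
import shlex

# Constructed input: the thread's rules with the poster's erratum applied
# (4672 and 4665 as UDP). $INET, $ILOC and $MACHINE stay as opaque tokens.
RULES = """\
iptables -t nat -A PREROUTING -i $INET -p tcp --dport 4662 -j DNAT --to-destination $MACHINE:4662
iptables -t nat -A PREROUTING -i $INET -p udp --dport 4672 -j DNAT --to-destination $MACHINE:4672
iptables -t nat -A PREROUTING -i $INET -p udp --dport 4665 -j DNAT --to-destination $MACHINE:4665
iptables -A FORWARD -i $ILOC -o $INET -m state --state NEW,ESTABLISHED,RELATED -p tcp --dport 4662 -j ACCEPT
iptables -A FORWARD -i $INET -o $ILOC -m state --state ESTABLISHED,RELATED -p tcp --sport 4662 -j ACCEPT
iptables -A FORWARD -i $ILOC -o $INET -m state --state NEW,ESTABLISHED,RELATED -p udp --dport 4672 -j ACCEPT
iptables -A FORWARD -i $INET -o $ILOC -m state --state ESTABLISHED,RELATED -p udp --sport 4672 -j ACCEPT
iptables -A FORWARD -i $ILOC -o $INET -m state --state NEW,ESTABLISHED,RELATED -p udp --dport 4665 -j ACCEPT
iptables -A FORWARD -i $INET -o $ILOC -m state --state ESTABLISHED,RELATED -p udp --sport 4665 -j ACCEPT
"""

def parse(line):
    """Turn one iptables command line into a dict of option -> argument."""
    tok = shlex.split(line)[1:]           # drop the leading "iptables"
    rule = {"-t": "filter"}               # filter is the default table
    for i in range(len(tok) - 1):
        if tok[i].startswith("-"):
            rule[tok[i]] = tok[i + 1]
    return rule

def unreachable_dnat(ruleset):
    """Return (proto, port) for each DNAT with no FORWARD rule admitting NEW."""
    rules = [parse(l) for l in ruleset.splitlines() if l.strip()]
    forward = [r for r in rules if r.get("-A") == "FORWARD" and r.get("-j") == "ACCEPT"]
    missing = []
    for d in (r for r in rules if r.get("-j") == "DNAT"):
        port = d["--to-destination"].partition(":")[2] or d["--dport"]
        def admits(f):  # same ingress, proto and post-DNAT port; any client port
            return (f.get("-i", d["-i"]) == d["-i"]
                    and f.get("-p", d["-p"]) == d["-p"]
                    and f.get("--dport", port) == port
                    and "--sport" not in f
                    and "NEW" in f.get("--state", "NEW").split(","))
        if not any(admits(f) for f in forward):
            missing.append((d["-p"], port))
    return missing

# Hypothetical additions: one inbound rule per finding, limited to $MACHINE.
# Replies are assumed to be covered by an ESTABLISHED,RELATED rule elsewhere.
FIXED = RULES + "".join(
    f"iptables -A FORWARD -i $INET -o $ILOC -p {p} -d $MACHINE --dport {n} "
    "-m state --state NEW,ESTABLISHED -j ACCEPT\n"
    for p, n in unreachable_dnat(RULES))

if __name__ == "__main__":
    print(unreachable_dnat(RULES), unreachable_dnat(FIXED))
```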
