Find the answer to your Linux question:
Results 1 to 9 of 9
Hello, I need help in setting up a port forwarding on my server, or more precisely, I need a way to check what is happening with the packets sent on ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Apr 2009
    Posts
    14

    Port forwarding doesn't work


    Hello,
    I need help in setting up a port forwarding on my server, or more precisely, I need a way to check what is happening with the packets sent on the forwarded port, since they seem to vanish inside the server

  2. #2
    Linux Newbie Ziplock's Avatar
    Join Date
    Jan 2009
    Location
    Adelaide
    Posts
    169
    What firewall software are you using? iptables? or something else. What are you trying to achieve? What distro? What's not working?

  3. #3
    Just Joined!
    Join Date
    Apr 2009
    Posts
    14
    Yes, I'm using iptables. Basicaly I need to do port forwarding, i.e. make local server visible from the outside What doesn't work is that the packets are visible on the WAN interface, but not on the LAN interface.

  4. #4
    Linux Newbie Ziplock's Avatar
    Join Date
    Jan 2009
    Location
    Adelaide
    Posts
    169
    OK, I am assuming at this point that you have set up the firewall correctly. Have you turned on forwarding:

    Code:
    echo "1" > /proc/sys/net/ipv4/ip_forward
    This will need to be done every time you boot.

  5. #5
    Just Joined!
    Join Date
    Apr 2009
    Posts
    14
    Well, that's the problem... I don't know how to set up iptables for port forwarding Or maybe I know, but it doesn't work. Yes, the forwarding is on.

  6. #6
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    You need to use DNAT for this.

    Code:
    iptables -t nat -A PREROUTING -p tcp -d 15.45.23.67 --dport 80 -j DNAT --to-destination 192.168.1.1
    Here is a TUTORIAL for iprtables that should help you

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  7. #7
    Just Joined!
    Join Date
    Apr 2009
    Posts
    14
    Thanks for the tutorial I have already read many things about DNAT, but the rule You posted just doesn't work, I don't know why :/

  8. #8
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    Weel you have to ensure packets that are heading back are also NAT'ed.
    Do you have this setup? something like this:
    Code:
    iptables -A POSTROUTING -o eth0 -j MASQUERADE
    Provided eth0 is your external facing interface?

    If this isn't working then maybe posting your rules we can better help you.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  9. #9
    Just Joined!
    Join Date
    Apr 2009
    Posts
    14
    Quote Originally Posted by Lazydog View Post
    Weel you have to ensure packets that are heading back are also NAT'ed.
    Are You sure it's necessary? Isn't the DNAT responsible also for connection tracking? Besides that, I think my problem lies somewhere else: I don't know why NONE of the packets I'm sending reaches the DNAT'ed in-LAN server, moreover NONE of them even leaves the firewall internal LAN interface.

    But I'll try that anyway, thanks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •