Results 1 to 2 of 2
I have been trying for a while now to get my linux machine to forward bittorrent ports to a windows machine on my internal network. I'm using a firewall script ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 11-06-2004 #1
- Join Date
- Nov 2004
Port Forwarding Troubles
$IPTABLES -A INPUT -p tcp --dport 6881:6889 -j ACCEPT
$IPTABLES -t nat -A PREROUTING -i $EXT_IF -p tcp --dport 6881:6889 -j DNAT --to-dest 192.168.1.50
$IPTABLES -A FORWARD -p tcp -i $EXT_IF --dport 6881:6889 -d 192.168.1.50 -j ACCEPT
I'm not sure whats wrong with this so any help would be appreciated
- 11-08-2004 #2
- Join Date
- Apr 2004
You should not need the INPUT rule.
INPUT is only used when the incoming packets are destined for the gateway machine itself (not the case if you are passing these packets onto another machine. If you are forwarding them then you will need to use just the FORWARD and PREROUTING rules
For instance, here is my rules to forward microshaft remote desktop through to an internal machine.
Source ip address (-s XXX.XXX.XXX.XXX) removed for security.
iptables -t nat -I PREROUTING -s XXX.XXX.XXX.XXX -p tcp --dport 3389 -j DNAT --to-destination 192.168.0.3:3389
iptables -I FORWARD -i eth1 -o eth0 -p tcp --dport 3389 -j ACCEPT
You may want to try using -I to insert the rules rather than -A to append them, as if you have specific reject rules then Appended rules will come after the rejection and have no effect