Port forwarding

[davesill]

This ought to be simple, but I can't get it to work.

I want to redirect all traffic to port 8099 on system A to the same port on system B.

I tried (on A):

Code:

iptables -t nat -A PREROUTING -p tcp -d ip-of-A --dport 8099 -j DNAT --to ip-of-B:8099
iptables -A FORWARD -p tcp -d ip-of-A --dport 8099 -j ACCEPT

But testing from a third system fails:

Code:

$ telnet A 8099
Trying ip-of-A...
telnet: Unable to connect to remote host: Connection timed out

Unlike connecting directly to B:

Code:

$ telnet B 8099
Trying ip-of-B...
Connected to B (ip-of-B).
Escape character is '^]'.

I usually modify rules in /etc/sysconfig/iptables and do "service iptables restart".

iptable-config only has:

IPTABLES_MODULES="ip_conntrack_ftp"

Do I need to add a module to enable NAT?

[korishan]

I had a similar problem, but with 80 and 21.
Here's what i have for my lines:

echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -t nat -A POSTROUTING -o $EXTERNAL -j MASQUERADE
iptables -t nat -A PREROUTING -p tcp -i $EXTERNAL -d 68.226.7.81 --dport 80 -j DNAT --to 192.168.0.3:80
iptables -t nat -A PREROUTING -p tcp -i $EXTERNAL -d 68.226.7.81 --dport 21 -j DNAT --to 192.168.0.2:21


Modify to suite your needs. It's possible you don't have ip_forward turned on(the echo above). Try that and see what happens.

Korishan