Find the answer to your Linux question:
Results 1 to 4 of 4
Hi all, I have a setup like the one shown below and I want to forward HTTP requests from my gateway to my internal HTTP server (and also to forward ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Oct 2004
    Posts
    5

    Port-forwarding with iptables problem


    Hi all,

    I have a setup like the one shown below and I want to forward HTTP requests from my gateway to my internal HTTP server (and also to forward UDP packets with destination port 4321 to another internal machine - 192.168.0.100):


    Internet -------------- wan (EXT_IP) GATEWAY (192.168.0.1) lan -------------------- (192.168.0.201) HTTP sever


    Well, this is how I am using iptables:

    Code:
    #!/bin/sh
    iptables -t nat -A POSTROUTING -j MASQUERADE -o wan
    
    iptables -t nat -A PREROUTING -p udp -i wan --dport 4321 -j DNAT --to 192.168.0.100
    
    iptables -t nat -A PREROUTING -p tcp -i wan --dport 80 -j DNAT --to 192.168.0.201
    Using this configuration, the udp packets to port 4321 are forwarded correctly to the internal address 192.168.0.100. However, when I try to access the WEB server from outside I cannot get the WEB pages.

    Is there something wrong? Am I missing any rule?

    Thanks in advance,

    Alex

  2. #2
    Linux User
    Join Date
    Feb 2005
    Posts
    290
    1) is your FORWARD chain set to ACCEPT, or at least ACCEPT forward from 192.168.0.201? (try to initialise your chain at the beginning of the script, i.e. DROP all or ACCEPT all if no other matched rules, and --flush all related chain as well as POSTROUTING and PREROUTING)

    2) is 192.168.0.201's gateway set properly? i.e. to your firewall

    3) very unlikely, but try to add the port number to your ip address i.e.: 192.168.0.201:80

    4) your 192.168.0.201's httpd isn't running :P

  3. #3
    Just Joined!
    Join Date
    Oct 2004
    Posts
    5
    Adam,
    Thanks for your answer.
    I found the (stupid reason... and it corresponds with point number 2:

    2) is 192.168.0.201's gateway set properly? i.e. to your firewall

    The routes.conf of the gateway 192.168.0.201 was wrong!

    Thanks!

    Alex

  4. #4
    Linux User
    Join Date
    Feb 2005
    Posts
    290
    hehe, sometimes i do missed out some minor details as well

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •