  1. #1
    Just Joined!
    Join Date
    Jul 2005
    Posts
    84

    Help with IP tables


    I am trying to set up an IP tables entry to allow incoming connections for a Quake 3 Arena server behind my Coyote Linux firewall. There is a config file for both my port forwarding rules and my custom firewall rules, making it easy to configure as I do not have to use the cmd line to edit my IP tables. This is my config so far for this particular rule.

    LEGEND:
    x.x.x.x - external IP of friend trying to connect
    eth1 - WAN NIC
    eth0 - LAN NIC


    iptables -A autofw-acl -i eth1 -p tcp -d 192.168.0.55 --dport 27960 -j ACCEPT

    iptables -t nat -A auto-forward -o eth0 -p tcp -s x.x.x.x --dport 27960 -j DNAT --to 192.168.0.55



    It doesn't work. Do I need to make a separate rule for the port forwarding, or will it work as included in the chain? I have not edited the port forward config as I have been told my chains above ought to take care of that for me. If any IP tables expert sees that my chain is all outa whack and you want to write one for me, here is my setup.

    Cable modem > Coyote Linux router/firewall > switch > internal windows machine. That should be all you need. Thanks in advance guys.

  2. #2
    Just Joined!
    Join Date
    Jul 2005
    Posts
    84
    Ok so I have redone my config a little. I have two entries now, one of which is commented out for the time being.

    CHAIN THAT IS IN EFFECT

    iptables -A INPUT -i eth1 -p udp --dport 27960 -d 109.168.0.55 -j ACCEPT

    iptables -A OUTPUT -o eth0 -p udp --sport 27960 -j ACCEPT

    iptables -A INPUT -i eth1 -p tcp --dport 27960 -d 192.168.0.55 -j ACCEPT

    iptables -A OUTPUT -o eth0 -p tcp --sport 27960 -j ACCEPT

    iptables -t nat -A PREROUTING -p udp --dport 27960 -j DNAT --to-destination 192.168.0.55:27960

    iptables -t nat -A PREROUTING -p tcp --dport 27960 -j DNAT --to-destination 192.168.0.55:27960


    CHAIN THAT IS COMMENTED OUT

    #iptables -t nat -A PREROUTING -i eth1 -p udp --dport 27960 -j DNAT --to-destination 192.168.0.55

    #iptables -A FORWARD -p udp -o eth0 --sport 27960 --to-destination 192.168.0.55 -j ACCEPT

    #iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 27960 -j DNAT --to-destination 192.168.0.55

    #iptables -A FORWARD -p tcp -o eth0 --sport 27960 --to-destination 192.168.0.55 -j ACCEPT


    PORT FORWARD CONFIG

    auto Y udp 27960 192.168.0.55

    auto Y tcp 27960 192.168.0.55


    Can anyone verify my work? I have no way of starting a server right now and testing these chains, so that is why I ask for your help. Thank you.

  3. #3
    Just Joined!
    Join Date
    Jul 2005
    Posts
    84
    I don't think I need those OUTPUTs since I declare the destination in the INPUT.

  4. #4
    Just Joined!
    Join Date
    Jul 2005
    Posts
    84
    Any ideas anyone? Surely someone knows what I am doing wrong.
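
Added example, not part of the original posts: a small shell generator for the rules a router needs to forward one port to a LAN host. A packet that is DNATed in nat/PREROUTING is then routed, so it traverses the filter table's FORWARD chain rather than INPUT/OUTPUT. Assumptions: the thread's eth1 (WAN), eth0 (LAN) and 192.168.0.55 layout, the built-in chains only (Coyote Linux's own autofw-acl and auto-forward chains are not modelled), and `gen_forward_rules` is a hypothetical helper name.

```shell
#!/bin/sh
# Added example: print (not apply) the iptables rules for one port forward.
# Usage: gen_forward_rules WAN_IF LAN_IF LAN_HOST PORT PROTO [ALLOWED_SRC]
gen_forward_rules() {
    wan_if=$1; lan_if=$2; host=$3; port=$4; proto=$5; src=${6:-}

    # Validate protocol and port before emitting anything.
    case $proto in
        tcp|udp) ;;
        *) echo "bad protocol: $proto" >&2; return 1 ;;
    esac
    case $port in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 1
    fi

    # Optional source restriction (e.g. one friend's external IP).
    src_opt=""
    if [ -n "$src" ]; then src_opt=" -s $src"; fi

    # 1. nat/PREROUTING: rewrite the destination of packets arriving on the WAN NIC.
    echo "iptables -t nat -A PREROUTING -i $wan_if -p $proto$src_opt --dport $port -j DNAT --to-destination $host:$port"
    # 2. filter/FORWARD: admit the rewritten packet on its way WAN -> LAN.
    echo "iptables -A FORWARD -i $wan_if -o $lan_if -p $proto$src_opt -d $host --dport $port -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT"
    # 3. filter/FORWARD: admit the server's replies on their way LAN -> WAN.
    echo "iptables -A FORWARD -i $lan_if -o $wan_if -p $proto -s $host --sport $port -m state --state ESTABLISHED,RELATED -j ACCEPT"
}

# Values from the thread's legend; Quake 3 game traffic is UDP on port 27960.
gen_forward_rules eth1 eth0 192.168.0.55 27960 udp
```

Review the printed rules, then run them as root on the router; IP forwarding must also be enabled there for routed packets to pass.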
