  1. #1

    Help with IP tables

    I am trying to set up an IP tables entry to allow incoming connections for a Quake 3 Arena server behind my Coyote Linux firewall. There is a config file for both my port forwarding rules and my custom firewall rules, making it easy to configure as I do not have to use the cmd line to edit my IP tables. This is my config so far for this particular rule.

    x.x.x.x - external IP of friend trying to connect
    eth1 - WAN NIC
    eth0 - LAN NIC

    iptables -A autofw-acl -i eth1 -p tcp -d --dport 27960 -j ACCEPT

    iptables -t nat -A auto-forward -o eth0 -p tcp -s x.x.x.x --dport 27960 -j DNAT --to

    It doesn't work. Do I need to make a separate rule for the port forwarding, or will it work as included in the chain? I have not edited the port forward config as I have been told my chains above ought to take care of that for me. If any IP tables expert sees that my chain is all outa whack and you want to write one for me, here is my setup.

    Cable modem > Coyote Linux router/firewall > switch > internal windows machine. That should be all you need. Thanks in advance guys.

  2. #2
    Ok so I have redone my config a little. I have two entries now, one of which is commented out for the time being.


    iptables -A INPUT -i eth1 -p udp --dport 27960 -d -j ACCEPT

    iptables -A OUTPUT -o eth0 -p udp --sport 27960 -j ACCEPT

    iptables -A INPUT -i eth1 -p tcp --dport 27960 -d -j ACCEPT

    iptables -A OUTPUT -o eth0 -p tcp --sport 27960 -j ACCEPT

    iptables -t nat -A PREROUTING -p udp --dport 27960 -j DNAT --to-destination

    iptables -t nat -A PREROUTING -p tcp --dport 27960 -j DNAT --to-destination


    #iptables -t nat -A PREROUTING -i eth1 -p udp --dport 27960 -j DNAT --to-destination

    #iptables -A FORWARD -p udp -o eth0 --sport 27960 --to-destination -j ACCEPT

    #iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 27960 -j DNAT --to-destination

    #iptables -A FORWARD -p tcp -o eth0 --sport 27960 --to-destination -j ACCEPT


    auto Y udp 27960

    auto Y tcp 27960

    Can anyone verify my work? I have no way of starting a server right now and testing these chains, so that is why I ask for your help. Thank you

  3. #3
    I don't think I need those OUTPUTs since I declare the destination in the INPUT.

  4. #4
    Any ideas anyone? Surely someone knows what I am doing wrong.
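
For the port-forwarding question in this thread, an added example (not from any poster and not Coyote Linux's own configuration) that prints, without applying, the rules netfilter needs for one forwarded port: a DNAT rule in nat/PREROUTING plus an ACCEPT in the filter FORWARD chain, because a packet rewritten by DNAT is routed through FORWARD rather than INPUT/OUTPUT. The function names, the use of the built-in chains instead of Coyote's `autofw-acl` and `auto-forward`, and the addresses 192.168.0.10 and 198.51.100.7 are assumptions.

```shell
#!/bin/sh
# Added example: prints (never applies) the rules for forwarding one port.
# 192.168.0.10 and 198.51.100.7 below are constructed sample addresses.

# valid_ipv4 ADDR: succeed only for a dotted-quad IPv4 address.
valid_ipv4() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# forward_rules WAN_IF LAN_HOST PORT PROTO [SRC]
# Hypothetical helper: emits iptables commands on stdout for review.
forward_rules() {
    wan=$1; host=$2; port=$3; proto=$4; src=${5:-}
    case $wan in ''|*[!A-Za-z0-9._-]*) echo "bad interface: $wan" >&2; return 1 ;; esac
    valid_ipv4 "$host" || { echo "bad LAN host: $host" >&2; return 1; }
    case $port in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
    { [ "$port" -ge 1 ] && [ "$port" -le 65535 ]; } ||
        { echo "port out of range: $port" >&2; return 1; }
    case $proto in tcp|udp) ;; *) echo "bad proto: $proto" >&2; return 1 ;; esac
    srcopt=
    if [ -n "$src" ]; then
        valid_ipv4 "$src" || { echo "bad source: $src" >&2; return 1; }
        srcopt=" -s $src"   # restrict the forward to one remote peer
    fi
    # 1. nat/PREROUTING: rewrite the destination before the routing decision.
    echo "iptables -t nat -A PREROUTING -i $wan -p $proto$srcopt --dport $port -j DNAT --to-destination $host:$port"
    # 2. filter/FORWARD: after DNAT the packet is routed to the LAN host, so
    #    it traverses FORWARD; INPUT and OUTPUT only see the firewall's own traffic.
    echo "iptables -A FORWARD -i $wan -p $proto$srcopt -d $host --dport $port -j ACCEPT"
    # 3. Let replies of accepted connections back out.
    echo "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
}

# Quake 3 Arena game traffic is UDP on 27960 by default.
forward_rules eth1 192.168.0.10 27960 udp 198.51.100.7
```

Review the printed commands before running them on the firewall; omitting the fifth argument forwards the port for any source address.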
