IPTables and web interface problems.
I'm having some issues configuring my iptables settings.
First of all my network:
Modem (Linux box):
eth0 = 10.0.0.1/255.0.0.0
eth1 = 184.108.40.206/255.255.255.252 (Virtual adapter)
ppp = DHCP via ISP (Bridged Ethernet from WAN card).
eth0 = 10.0.0.2/255.0.0.0
eth0 = 220.127.116.11/255.255.255.252
I've got it setup that it's PPP over bridged Ethernet. The WAN card is a PCI card with it's own OS on it.
I've got masquerading working correctly and can connect to the internet just fine.
My problem is with my WAN card. The WAN card has its own telnet and http server on it, but I can only access it from the modem.
If I ping my eth1 on the modem (18.104.22.168) from the laptop (10.0.0.2) the ping is successful.
If I ping the WAN eth0 (22.214.171.124) from the laptop (10.0.0.2), the ping fails.
If I ping, telnet or lynx to the WAN eth0 (126.96.36.199) from my linux box, it works fine.
So basically, only the localhost can communicate with the WAN card's telnet, http etc. Another computer can't.
I believe this is a iptables problem so any help in this area is really appreciated, as I'm kind of new to it all.
Here's my IPTables file (It runs on startup):
IPTBL=/sbin/iptables # Where is IPTables
$IPTBL -F # Flush All Rules
# Hard-Coded Default Policies
$IPTBL -P OUTPUT ACCEPT
$IPTBL -P INPUT DROP
$IPTBL -P FORWARD DROP
# Loopback Traffic Controller
$IPTBL -A INPUT --in-interface lo -j ACCEPT
# Allowed Inputs
$IPTBL -A INPUT -p tcp --dport 80 -j ACCEPT # Allow Apache connections originating from anywhere.
$IPTBL -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT # Allow SSH internally.
$IPTBL -A INPUT -i ppp0 -p tcp --dport 22 -j ACCEPT # Allow SSH from internet.
# Allow Esblashed connections and routing/NAT
$IPTBL -t nat -A POSTROUTING -o ppp0 -j MASQUERADE # Enable NAT.
$IPTBL -A FORWARD -i eth0 -o ppp0 -j ACCEPT # Allow packets generating from inside to outside
$IPTBL -A FORWARD -i ppp0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT # Allow established connections back in.
# HERE IS MY CONFIGS FOR THE WAN HTTP/TELNET SERVER.
$IPTBL -t nat -A POSTROUTING -o eth1 -j MASQUERADE # Allow WAN WGUI to think the local machine is initiating requests.
$IPTBL -A FORWARD -i eth1 -o eth0 -j ACCEPT # Allow connections from WAN card to LAN.
$IPTBL -A FORWARD -i eth0 -o eth1 -j ACCEPT # Allow LAN communication to WAN Card.