Port-forwarding with iptables problem
I have a setup like the one shown below and I want to forward HTTP requests from my gateway to my internal HTTP server (and also to forward UDP packets with destination port 4321 to another internal machine - 192.168.0.100):
Internet -------------- wan (EXT_IP) GATEWAY (192.168.0.1) lan -------------------- (192.168.0.201) HTTP sever
Well, this is how I am using iptables:
Using this configuration, the udp packets to port 4321 are forwarded correctly to the internal address 192.168.0.100. However, when I try to access the WEB server from outside I cannot get the WEB pages.
iptables -t nat -A POSTROUTING -j MASQUERADE -o wan
iptables -t nat -A PREROUTING -p udp -i wan --dport 4321 -j DNAT --to 192.168.0.100
iptables -t nat -A PREROUTING -p tcp -i wan --dport 80 -j DNAT --to 192.168.0.201
Is there something wrong? Am I missing any rule?
Thanks in advance,