  1. #1
    Just Joined! | Join Date: Nov 2010 | Posts: 3

    iptables Forwarding issue

    I have been working on this for quite some time
    and still have not found a solution.

    I have pc1 acting as the firewall; pc2 has some services running on it,
    so I need to forward requests from the firewall to pc2 and the other way around.

    I need 2 ports working like that:
    1 - 2260 for ssh (pc1) -> maps to 2260 on pc2
    2 - 8091 for tomcat (pc1) -> maps to 8080 on pc2

    My ssh works great; here are the rules for ssh:

    $IPT -A FORWARD -p tcp -i $WAN_IFace --destination-port 2260 --destination 192.168.1.10 -j ACCEPT

    $IPT -t nat -A PREROUTING -p tcp -i $WAN_IFace --destination-port 2260 -j DNAT --to-destination 192.168.1.10:2260

    $IPT -t nat -A PREROUTING -p tcp -i $Local_IFace --destination-port 2260 --destination $INET_ADDRESS -j DNAT --to-destination 192.168.1.10:2260


    When I do the tomcat stuff I have this:

    $IPT -A FORWARD -p tcp -i $WAN_IFace --destination-port 8080 --destination 192.168.1.10 -j ACCEPT

    $IPT -t nat -A PREROUTING -p tcp -i $WAN_IFace --destination-port 8091 -j DNAT --to-destination 192.168.1.10:8080

    $IPT -t nat -A PREROUTING -p tcp -i $Local_IFace --destination-port 8091 --destination $INET_ADDRESS -j DNAT --to-destination 192.168.1.10:8080


    These rules look fine to me, but no matter what I do it does not work.
    I know that tomcat is running and listening on port 8080; I also tried
    forwarding to port 80 just to make sure that it's not tomcat causing it.

    I hope someone can help me out.

    Thanks

  2. #2
    Just Joined! | Join Date: Nov 2010 | Posts: 3
    Is there anyone who can help me out?
    I don't think I'm the only one who has to deal with this kind of stuff.

  3. #3
    Just Joined! | Join Date: Jul 2010 | Posts: 11
    Is it possible to run anything else on port 8080 just to make sure it's not a fault on the client end?

    Also is SELinux on?

  4. #4
    Just Joined! | Join Date: Nov 2010 | Posts: 3
    Quote: Originally posted by slimg00dy
        Is it possible to run anything else on port 8080 just to make sure it's not a fault on the client end?

        Also is SELinux on?

    Hi, I am a moron.
    No, SELinux was off; that's the first thing I checked.
    There was ANOTHER! firewall in place that manages the local connections of the network that would not allow these ports to communicate. So my iptables, as I expected, were correct.

    .. I guess classic id-10-t problem.

  5. #5
    Just Joined! | Join Date: Jul 2010 | Posts: 11
    Quote: Originally posted by yurk
        Hi, I am a moron.
        No, SELinux was off; that's the first thing I checked.
        There was ANOTHER! firewall in place that manages the local connections of the network that would not allow these ports to communicate. So my iptables, as I expected, were correct.

        .. I guess classic id-10-t problem.

    It's all good, we all make mistakes. What other firewall was running?
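
Added example, not part of the thread: the rules above turned out to be fine and the block was elsewhere, and the per-rule packet counters in `iptables-save -c` are one way to tell those cases apart on the firewall host. The sketch runs over a constructed sample; `eth0`, the 8443 rule, the counter values and the `dnat_check` name are assumptions.

```shell
#!/bin/sh
# Constructed sample of `iptables-save -c` output; counters are [packets:bytes].
# eth0 stands in for $WAN_IFace; the 8443 rule and all counts are made up.
SAMPLE='*nat
:PREROUTING ACCEPT [0:0]
[12:720] -A PREROUTING -i eth0 -p tcp -m tcp --dport 2260 -j DNAT --to-destination 192.168.1.10:2260
[0:0] -A PREROUTING -i eth0 -p tcp -m tcp --dport 8091 -j DNAT --to-destination 192.168.1.10:8080
[7:420] -A PREROUTING -i eth0 -p tcp -m tcp --dport 8443 -j DNAT --to-destination 192.168.1.10:443
COMMIT
*filter
:FORWARD DROP [7:420]
[96:8112] -A FORWARD -d 192.168.1.10/32 -i eth0 -p tcp -m tcp --dport 2260 -j ACCEPT
[0:0] -A FORWARD -d 192.168.1.10/32 -i eth0 -p tcp -m tcp --dport 8080 -j ACCEPT
COMMIT'

# Reads iptables-save -c text on stdin, prints one verdict per DNAT rule:
#   NO_HITS           no new connection matched the DNAT rule on this host,
#                     so look at whatever sits in front of it
#   NO_FORWARD_ACCEPT DNAT fires, but no FORWARD ACCEPT for the translated ip:port
#   RULES_MATCH       both rules exist and traffic arrives; look past this host
dnat_check() {
  awk '
    # Return the word that follows option "name" on the current rule line.
    function opt(name,   i) {
      for (i = 1; i < NF; i++) if ($i == name) return $(i + 1)
      return ""
    }
    $2 == "-A" && $3 == "FORWARD" && opt("-j") == "ACCEPT" {
      d = opt("-d"); sub(/\/32$/, "", d)
      fwd[d ":" opt("--dport")] = 1
    }
    $2 == "-A" && $3 == "PREROUTING" && opt("-j") == "DNAT" {
      n++; pkts[n] = substr($1, 2) + 0
      port[n] = opt("--dport"); dest[n] = opt("--to-destination")
    }
    END {
      for (k = 1; k <= n; k++) {
        if (pkts[k] == 0) v = "NO_HITS"
        else if (!(dest[k] in fwd)) v = "NO_FORWARD_ACCEPT"
        else v = "RULES_MATCH"
        printf "%s -> %s pkts=%d %s\n", port[k], dest[k], pkts[k], v
      }
    }'
}

# On the firewall itself (as root): iptables-save -c | dnat_check
printf '%s\n' "$SAMPLE" | dnat_check
```

A `NO_FORWARD_ACCEPT` verdict only matters when the FORWARD policy is DROP or a later rule rejects the traffic; with a default ACCEPT policy the forwarded packets pass anyway.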
