Results 1 to 3 of 3
Hey, Good Linux Folks. Here's what I've tried: ============================================= /sbin/iptables -t nat -A PREROUTING -p tcp -d 192.168.0.149 --dport 11343 -j DNAT --to 192.168.0.39:80 /sbin/iptables -t nat -A POSTROUTING -p ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 06-02-2003 #1
- Join Date
- Jun 2003
- Milwaukee, WI
Iptables Forwarding Problem (Redhat 9)
Here's what I've tried:
/sbin/iptables -t nat -A PREROUTING -p tcp -d 192.168.0.149 --dport 11343 -j DNAT --to 192.168.0.39:80
/sbin/iptables -t nat -A POSTROUTING -p tcp -s 192.168.0.39 --sport 80 -j SNAT --to 192.168.0.149:11343
I saved those rules, re-started the iptables service, re-booted the Redhat 9 box, verified that only those two were the rules in effect, and pointed IE at 192.168.0.149:11343. No go.
Then, I tried the following two rules:
/sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d 192.168.0.149 --dport 11343 -j DNAT --to 192.168.0.39:80
/sbin/iptables -A FORWARD -p tcp -i eth0 -d 192.168.0.39 --dport 80 -j ACCEPT
But a lot of people are having success with rules like the above, otherwise such examples wouldn't be all over the Internet. So what piece of the puzzle am I missing?!?
Yes, I did echo "1" > /proc/sys/net/ipv4/ip_forward. In fact, that's the first thing I did. No, the ipchains module is not installed.
Although I'm a newbie to Linux, I've been a professional software developer for 25 years (mostly Microsoft Windows stuff, for the last 15 years). And what this smells like to me is that I'm missing some little Linux insight that all the iptables examples assume I already have.
Here's hoping somebody out there can say something like "Duh, Vic: power up the Linux box first; then your iptables scripts will work." Well, you know what I mean...
Thanks in advance.
- 06-02-2003 #2
- Join Date
- Apr 2003
- UK, Manchester
Ignore what I originally posted. I was thinking of something else.
btw - Where is the delete post option ?
- 06-02-2003 #3
- Join Date
- Oct 2001
- Täby, Sweden
Am I correct in the following?
You're running a HTTP server on 192.168.0.39.
You're running a router on 192.168.0.149, and that is the computer on which you are applying these rules.
I'm suspecting what your problem is (I went through the exact same thing), but I'm not sure. Could you give me a bit more info? What's your network setup (included where your internet is connected to), and what computer (IP address and routing info) are you trying to access the server from?