[H-GEN] IPTables port forwarding
Sandra Milne
silne at optusnet.com.au
Sat Apr 19 02:41:07 EDT 2003
[ Humbug *General* list - semi-serious discussions about Humbug and ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
At 14:47 19/04/2003 +1000, you wrote:
>What you're doing there isn't port forwarding, its letting
>the packets go though if you have a routed network. For port
>forwarding, you need something like:
>
>$IPTABLES -t nat -A PREROUTING -i $EXTIF -o $INTIF -p tcp --dport 5206 -j
>DNAT --to $INTBOX
>$IPTABLES -t nat -A PREROUTING -i $EXTIF -o $INTIF -p udp --dport 5206 -j
>DNAT --to $INTBOX
>
>where $INTBOX is the IP of your internal box. I've used rules like this
>successful to let people connect into internal game servers, forward for
>webservers etc.
I'm sure you probably have used rules like those, but not that exact one.
archer# /sbin/iptables -t nat -A PREROUTING -i eth1 -o eth0 -p tcp --dport
5206 -j DNAT --to 192.168.0.69
iptables v1.2.6a: Can't use -o with PREROUTING
Try `iptables -h' or 'iptables --help' for more information.
And you're correct, the rules I concocted myself don't work. I guess
further assistance is required.
Thanks,
Sandra.
--
silne at optusnet.com.au
"There are 10 types of people in the world -- those that understand binary,
and those that don't."
--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'. See http://www.humbug.org.au/
More information about the General
mailing list