LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 11-20-2003, 11:39 PM   #1
pudhiyavan
Member
 
Registered: Oct 2003
Location: Linux world
Distribution: redhat,mandy,centos,debian,ubuntu
Posts: 209

Rep: Reputation: 30
Question ?Accessing my internal ip webpages from external


Hi

I have one linux box working as router,proxy,firewall without apache or mail applications with two ethernet cards (1 for external stat.ip and 1 for internal ip add 192.168.0.33).

One of the internal ip windows xp pro pc contains IIS 6 with some of my own webpages.

So for Accessing my pages from outside of my premises what should i require and how to do this.

One of my friend told to nat the ip address will work and i tried the following but no use.


/sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d 202.xxx.xxx.xx --dport 8080 -j DNAT --to-destination 192.168.0.53:8080


can anyone help me
pudhiyavan

Last edited by pudhiyavan; 11-21-2003 at 05:05 AM.
 
Old 11-21-2003, 11:18 AM   #2
zaphodiv
Member
 
Registered: Oct 2003
Distribution: Slackware
Posts: 388

Rep: Reputation: 30
I don't think iptables accepts address port combinations in the format 192.168.0.53:8080

You don't need to specifiy the destination port as it will be left as 8080
eg
/sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d 202.xxx.xxx.xx --dport 8080 -j DNAT --to-destination 192.168.0.53

You can probably leave out -d 202.xxx.xxx.xx as well so it NATs incoming connections to port 8080 from eth0 whatever the ip address.
 
Old 11-21-2003, 11:10 PM   #3
pudhiyavan
Member
 
Registered: Oct 2003
Location: Linux world
Distribution: redhat,mandy,centos,debian,ubuntu
Posts: 209

Original Poster
Rep: Reputation: 30
Hi zaphodiv

Greetings to you

I tried the same, after that i am getting the error from squid as following,

ERROR
The requested URL could not be retrieved

While trying to retrieve the URL: http://202.xxx.xxx.xxx:8080/

The following error was encountered:

* Connection Failed

The system returned:

(111) Connection refused

The remote host or network may be down. Please try the request again.

Your cache administrator is pudhiyavan@blue.mynet.net.
Generated Sat, 22 Nov 2003 04:26:49 GMT by proxy.mynet.net (squid/2.5.STABLE3-20030814)

Can anything be changed in squid.

regds
pudhiyavan
 
Old 11-22-2003, 07:18 AM   #4
zaphodiv
Member
 
Registered: Oct 2003
Distribution: Slackware
Posts: 388

Rep: Reputation: 30
Run a sniffer on eth0 and try to load the website.
If you see a SYN to port 8080 and a FIN in return then it's not squid's fault.

Also sniff the 192.168 network and see if a SYN is actually sent to the IIS machine.

Posting a list of the existing iptables rules might help.
 
Old 11-23-2003, 11:08 PM   #5
pudhiyavan
Member
 
Registered: Oct 2003
Location: Linux world
Distribution: redhat,mandy,centos,debian,ubuntu
Posts: 209

Original Poster
Rep: Reputation: 30
hi zaphodiv

thanks for your reply. sorry for this question, how to sniff.

i have flushed out all my iptables and tried still no result.
 
Old 11-24-2003, 01:20 AM   #6
chrisfirestar
Member
 
Registered: Sep 2003
Location: Adelaide, Australia
Distribution: Fedora/RH
Posts: 231

Rep: Reputation: 30
Quote:
/sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d 202.xxx.xxx.xx --dport 8080 -j DNAT --to-destination 192.168.0.53
this isnt quite right i think

/sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d 202.xxx.xxx.xx --dport 8080 -j DNAT --to-destination 192.168.0.53:8080 (or whatever port you will send it to)

you also have to make sure that that is accepted by the iptables...

/sbin/iptables -A INPUT -i eth0 -d 202.xxx.xxx.xx -p tcp -m tcp --dport 8080 -j ACCEPT


where eth0 is your extCard

hope that helps

Last edited by chrisfirestar; 11-24-2003 at 01:25 AM.
 
Old 11-24-2003, 10:10 AM   #7
pudhiyavan
Member
 
Registered: Oct 2003
Location: Linux world
Distribution: redhat,mandy,centos,debian,ubuntu
Posts: 209

Original Poster
Rep: Reputation: 30
thanks chris

i tried the same, still im getting the error, i am getting page not found msg
 
Old 12-08-2003, 01:48 AM   #8
zaphodiv
Member
 
Registered: Oct 2003
Distribution: Slackware
Posts: 388

Rep: Reputation: 30
>question, how to sniff.
tcpdump -i eth0
and see the man page for how to filter the output.

>this isnt quite right i think
Works for me.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
accessing my site from internal network FLBlindman Linux - Networking 10 08-22-2005 10:39 PM
accessing an internal network via internet softice2001 Linux - Networking 7 10-21-2004 01:35 PM
Internal ZIP problems - which file system type? timread Linux - Newbie 16 10-12-2004 08:26 AM
accessing an internal network via internet kg4joh Linux - Networking 1 10-03-2004 09:02 PM
accessing box from internal network but not from external JereBear Linux - Networking 12 05-12-2001 02:12 AM


All times are GMT -5. The time now is 11:39 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration