LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 11-23-2005, 09:41 AM   #1
midiguy732
LQ Newbie
 
Registered: Oct 2004
Posts: 8

Rep: Reputation: 0
iptables - port forwarding


I'm sure this has been addressed a zillion times, but alas, with heavy searching (and googling) I'm still struggling.

My RH9 server has two interfaces. eth0 for the private side (192.x.x.x) and eth1, eth1:1, eth1:2, eth1:3, eth1:4 on the public side, each with it's own public IP, but really the same hardware interface.

What I'm trying to do is route eth1:4 to a dlink webcam that's on the private network, and I am clearly just not getting the syntax correct.

The rest of my firewall script works (rh-lokkit-0-50-INPUT) and is almost "stock" except I closed most ports.

Anyway, here is the trouble area...

*nat
:OUTPUT ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]

# webcam port forwarding
#-t nat -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE
#-t nat -A PREROUTING -p tcp -d 64.36.22.178 --dport 80 -j DNAT --to 192.168.1.21
#-t nat -A PREROUTING -p tcp -d 64.36.22.178 --dport 8481 -j DNAT --to 192.168.1.21

COMMIT

when I run /etc/rc.d/init.d/iptables restart, it bombs telling me I have used "-t" tables where I'm not supposed to.

If I type those lines immediately after iptables at the command prompt, iptables accepts it, however nothing seems to be forwarded to the webcam. The light on the webcam blinks once, indicating *something* hit it, but that's all that I can see so far.

I could easily avoid all this by repatching the webcam to the public side of my network, and deleting the eth1:4 virtual interface and IP address off my RH9 server, however then the webcam is completely exposed and I'd like not to do that. I have four other ethernet web cams I'd like to setup on the same public IP address, using different ports, thus recycling one IP for multiple cameras.

The default ports for the webcam are 80 and 8481. I'm trying to forward these ports from the public side of the server, to the webcam, and have replies go back to the originating ip client on the internet.

Can anyone give me a push in the right direction? I'm sure it's something very obvious, but not hitting me in the face like I hoped.

Thanks in advance!
Frederic

Last edited by midiguy732; 11-23-2005 at 09:42 AM.
 
Old 11-24-2005, 02:40 AM   #2
xrtc
LQ Newbie
 
Registered: Sep 2005
Posts: 28

Rep: Reputation: 15
m8 i dont think that u can t nat MASQUERADE eth0 and eth0:1
i mean u cant use these rule to MASQUERADE the same device with alias ...

try to install a second NIC and put the rules again
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
iptables port forwarding geoff3425 Slackware 13 12-20-2011 11:50 AM
IPCHAINS port forwarding and IPTABLES port forwarding ediestajr Linux - Networking 26 01-14-2007 08:35 PM
port forwarding with iptables kkennedy Linux - Networking 1 09-01-2005 07:48 PM
Iptables -- Port Forwarding slack_baby Linux - Networking 3 06-03-2004 03:29 PM
IPTABLES #Port Forwarding goldenmag Linux - Security 4 11-21-2003 08:10 AM


All times are GMT -5. The time now is 05:42 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration