LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page iptables port forwarding problems
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
Page 2 of 2 1 2
  Search this Thread
Old 01-25-2005, 01:51 PM   #16
JCdude2525
Member
 
Registered: Mar 2004
Location: Berlinsville
Distribution: Slackware/Fedora
Posts: 103

Original Poster
Rep: Reputation: 15
Strange....

Hello-
I decided that it might help if I posted the output of iptables -L and iptables -t nat -L, so here they are-

iptables -L

Code:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
DROP       icmp --  anywhere             anywhere            icmp echo-request 

Chain FORWARD (policy DROP)
target     prot opt source               destination         
ACCEPT     tcp  --  goldeneye.badger     anywhere            tcp spt:8020 
ACCEPT     tcp  --  anywhere             goldeneye.badger    tcp dpt:8020 
ACCEPT     tcp  --  goldeneye.badger     anywhere            tcp spt:8021 
ACCEPT     tcp  --  anywhere             goldeneye.badger    tcp dpt:8021 
ACCEPT     tcp  --  goldeneye.badger     anywhere            tcp spt:8022 
ACCEPT     tcp  --  anywhere             goldeneye.badger    tcp dpt:8022 
ACCEPT     tcp  --  goldeneye.badger     anywhere            tcp spt:8080 
ACCEPT     tcp  --  anywhere             goldeneye.badger    tcp dpt:8080 
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     all  --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain LOG_ACCEPT (0 references)
target     prot opt source               destination         

Chain LOG_DROP (0 references)
target     prot opt source               destination
And, the output of iptables -t nat -L, witch is unusually long...

Code:
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8021 to:192.168.1.106:8020 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8020 to:192.168.1.106:8021 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8022 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8080 to:192.168.1.106:8080 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8021 to:192.168.1.106:8020 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8020 to:192.168.1.106:8021 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8022 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8080 to:192.168.1.106:8080 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8020 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8021 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8022 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8080 to:192.168.1.106:8080 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8080 to:192.168.1.106:8080 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8022 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8021 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8020 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8080 to:192.168.1.106:8080 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8022 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8021 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8020 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8022 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8021 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8020 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8022 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8021 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8020 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8080 to:192.168.1.106:8080 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8022 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8021 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8020 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8080 to:24.238.44.175:8080 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8022 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8021 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8020 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8080 to:192.168.1.106:8080 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8022 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8021 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8020 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8080 to:192.168.1.106:8080 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8022 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8021 
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8022 to:192.168.1.106:8020 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8080 to:192.168.1.106:8080 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8022 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8021 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8020 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8080 to:192.168.1.106:8080 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8022 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8021 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8020 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8080 to:192.168.1.106:8080 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8022 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8021 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8020 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8080 to:192.168.1.106:8080 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8022 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8021 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8020 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8080 to:192.168.1.106:8080 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8022 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8021 
DNAT       tcp  --  anywhere             24.238.44.175.res-cmts.tv13.ptd.net tcp dpt:8022 to:192.168.1.106:8020 

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
MASQUERADE  all  --  anywhere             anywhere            
MASQUERADE  all  --  anywhere             anywhere            
MASQUERADE  all  --  anywhere             anywhere            
MASQUERADE  all  --  anywhere             anywhere            
MASQUERADE  all  --  anywhere             anywhere            
MASQUERADE  all  --  anywhere             anywhere            
MASQUERADE  all  --  anywhere             anywhere            
MASQUERADE  all  --  anywhere             anywhere            
MASQUERADE  all  --  anywhere             anywhere            
MASQUERADE  all  --  anywhere             anywhere            
MASQUERADE  all  --  anywhere             anywhere            
MASQUERADE  all  --  anywhere             anywhere            
MASQUERADE  all  --  anywhere             anywhere            
MASQUERADE  all  --  anywhere             anywhere            
MASQUERADE  all  --  anywhere             anywhere            
MASQUERADE  all  --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
My current configuration is above, if I need to fix something...again...

Thanks
-Jim
 
Old 01-25-2005, 07:35 PM   #17
JCdude2525
Member
 
Registered: Mar 2004
Location: Berlinsville
Distribution: Slackware/Fedora
Posts: 103

Original Poster
Rep: Reputation: 15
Hello all-

I've just been informed by one of my web developers, that my server in fact does work from there remote computer, and many other people said they can get to it from their remote computers. So, for some reason, you can't access the server's from a local machine using it's internet ip. Anybody have any idea's on how to fix this? I think it has to do with the NAT stuff...since my old linksys router could let you do this. It probably worked after the last post where fr_laz showed me his example and I told it the -o interface. Thanks for all your patience though!

-Jim
 
Old 02-09-2005, 03:17 PM   #18
xinhes
LQ Newbie
 
Registered: Feb 2005
Posts: 2

Rep: Reputation: 0
Related Established
I have these line in my FORWARD rules and I donä't se that in your rules?

-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -m state --state INVALID -j log-invalid

Is that what' missing?
 
Old 02-09-2005, 04:25 PM   #19
JCdude2525
Member
 
Registered: Mar 2004
Location: Berlinsville
Distribution: Slackware/Fedora
Posts: 103

Original Poster
Rep: Reputation: 15
Hello-
I've fixed this problem a couple of weeks ago, if you want to see my iptables script, then goto-
http://badger.homelinux.org:8080/~jim/iptables

I fixed the problem of not me being able to get to my server using my domain by adding my domain in the /etc/hosts file of my dns server next to the server's ip address.
 
  


Reply
Page 2 of 2 1 2



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
IPCHAINS port forwarding and IPTABLES port forwarding ediestajr Linux - Networking 26 01-14-2007 07:35 PM
iptables - port forwarding midiguy732 Linux - Networking 1 11-24-2005 01:40 AM
Iptables problems with port forwarding jebaird Linux - Networking 3 08-05-2005 12:35 PM
iptables port forwarding MadTurki Linux - Networking 6 01-05-2004 01:03 PM
Iptables w/port forwarding claytonj25 Linux - Security 8 12-22-2001 08:30 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 12:04 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration