Iptables problems with port forwarding
 

I am trying to get portforwarding to work on my linux router. I would like to host a webserver that listens on 8080.
eth1 is my internet interface
eth0 is my LAN interface

I got NAT to work this scricpt:

modprobe iptable_nat
echo 1> /proc/sys/net/ipv4/ip_forward

iptables -A POSTROUTING -t nat -o eth1 -s 10.0.0.0/24 -d 0/0 -j MASQERADE
iptables - FORWARD -t filter -o eth1 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

iptables -A FORWARD -t filter -i eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT

as for the Port forwarding this is what I have so far:
Iptables -t nat - A POSTROUTING -p tcp -i eth1 -d 161.210.34.156 ---dport 80 ---sport 1024:65535 -j DNAT --to 10.0.0.11:8080

iptables -p tccp -i eth1 -eth0 -d 10.0.0.11 --dport 8080 --sport 1024:65535 -m state --state NEW -j ACCEPT

iptables -A FORWARD -t filter -o eth1 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -t filter -i eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT

I am very new with iptables. any tips would be great!!
thanks

Re: Iptables problems with port forwarding
 

try this instead (it's basically the same but i cleaned it up for you a little bit ;) ):

just my :twocents:...

thanks win32sux,
I like the cleaned up code, it makes more sence

your welcome... :)

BTW, since you have a static IP, you might wanna use SNAT instead of MASQUERADE: