Code:
[root@codekrash ~]# iptables -t nat -A PREROUTING -i eth1 -s 0.0.0.0/0 -d 10.8.0.6 -p tcp --dport 8080 -m state --state ESTABLISHED,RELATED -j ACCEPT
Code:
[root@codekrash ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
2 REJECT all -- 0.0.0.0/0 127.0.0.0/8 reject-with icmp-port-unreachable
3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:1194
5 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
6 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3690
7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
8 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8
9 LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 5/min burst 5 LOG flags 0 level 7 prefix `iptables denied: '
10 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Table: nat
Chain PREROUTING (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- 0.0.0.0/0 10.8.0.6 tcp dpt:8080 state RELATED,ESTABLISHED
Chain POSTROUTING (policy ACCEPT)
num target prot opt source destination
1 SNAT all -- 10.8.0.0/24 0.0.0.0/0 to:209.59.217.122
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
do i need to add an additional forward somewhere, because it's not seeming to work
edit:
Code:
iptables -A FORWARD -i eth1 -s 0.0.0.0/0 -d 10.8.0.6 -p tcp --dport 8080 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
Code:
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- 0.0.0.0/0 10.8.0.6 tcp dpt:8080 state NEW,RELATED,ESTABLISHED
maybe i need to change the target ip?
edit2:
Code:
iptables -A INPUT -i eth1 -s 0.0.0.0/0 -d $LANIP -p tcp --sport 8080 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A PREROUTING -i eth1 -s 0.0.0.0/0 -d $INTERNETIP -p tcp --dport 8080 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth1 -s 0.0.0.0/0 -d $INTERNETIP -p tcp --dport 8080 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT