IPtables forward
Hi guys,
I have a problem with iptables. I have a scenario like this:

192.168.20.1                                  172.16.20.10
Server1 ----------- Linux router ------------ XP Client

The default policy for the FORWARD chain on the Linux router is DROP. When I add a rule to allow RDP to the XP client, it doesn't work. I add a rule on the router:
Code:
iptables -I FORWARD -p tcp --dport 3389 -m state --state NEW,ESTABLISHED -j ACCEPT
What should I do when the default policy for the FORWARD chain is DROP? I have a rule
Your rule will not match return traffic. The port numbers in those packets will be reversed, as the XP system will respond by sending TCP packets from port 3389 to whatever source port used by the RDP client.
You should have a general rule in the FORWARD chain handling only packets matching the ESTABLISHED state, and your other FORWARD rule will then just have to handle NEW packets. Remove the existing rules with iptables -F FORWARD and try this:
Code:
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
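
The following is an added example, not part of the thread: a small Python model of first-match evaluation in the FORWARD chain, showing why the reply packet falls through to the DROP policy under the original rule and is accepted once the general ESTABLISHED,RELATED rule is in place. Assumptions: the RDP client is Server1 at 192.168.20.1, the XP client is 172.16.20.10, the source port 49152 is made up, and the NEW-only RDP rule with a destination match is one hypothetical way to write the "other FORWARD rule" the answer mentions.

```python
"""Toy model of the FORWARD chain: first matching rule accepts, else the policy applies."""
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    ctstate: str  # state assigned by connection tracking: NEW, ESTABLISHED, RELATED, INVALID

@dataclass(frozen=True)
class Rule:
    states: frozenset
    dport: Optional[int] = None  # None means the rule has no --dport match
    dst: Optional[str] = None    # None means the rule has no -d match

    def matches(self, p: Packet) -> bool:
        return (p.ctstate in self.states
                and self.dport in (None, p.dport)
                and self.dst in (None, p.dst))

def verdict(chain, pkt, policy="DROP"):
    """Return ACCEPT if any rule matches, otherwise the chain policy."""
    for rule in chain:
        if rule.matches(pkt):
            return "ACCEPT"
    return policy

# Constructed sample packets (addresses from the thread, ports assumed).
CLIENT, XP = "192.168.20.1", "172.16.20.10"
SYN = Packet(CLIENT, XP, 49152, 3389, "NEW")              # client opens RDP
SYN_ACK = Packet(XP, CLIENT, 3389, 49152, "ESTABLISHED")  # reply: ports reversed
SMB_PROBE = Packet(CLIENT, XP, 49153, 445, "NEW")         # unrelated new connection

# Rule from the question: state NEW,ESTABLISHED but only for --dport 3389.
ORIGINAL = [Rule(frozenset({"NEW", "ESTABLISHED"}), dport=3389)]
# Layout from the answer: general ESTABLISHED,RELATED rule first,
# then a NEW-only rule for RDP (destination match is an assumption).
FIXED = [Rule(frozenset({"ESTABLISHED", "RELATED"})),
         Rule(frozenset({"NEW"}), dport=3389, dst=XP)]

def trace(chain):
    """Verdicts for SYN, SYN_ACK and SMB_PROBE, in that order."""
    return [verdict(chain, p) for p in (SYN, SYN_ACK, SMB_PROBE)]

if __name__ == "__main__":
    print("original:", trace(ORIGINAL))
    print("fixed:   ", trace(FIXED))
```
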