forward port 80 to internal LAN network PC

kevint · 04-21-2006, 05:43 AM

i have a linux gateway with two NICs eth0 with public ipaddress 203.xxx.xxx.xxx and eth1 with private address 192.168.1.1. i also have a windows server running a website with IPaddress 192.168.1.10. i want any external client request on my public ipaddress will be forward to my internal server 192.168.1.10. i know this can be accomplish by using iptables with PREROUTING and FORWARD rules. i had tried a few of them but it doesn't work, can someone give me a right rules or commands. thanks in advance..

UK MAdMaN · 04-21-2006, 06:16 AM

Oops. Wrong message.

Capt_Caveman · 04-21-2006, 06:33 AM

Code:

iptables -t nat -A PREROUTING -i eth0 -d 203.xxx.xxx.xxx -p tcp --dport 80 -j DNAT --to-destination 192.168.1.10
iptables -A FORWARD -i eth0 -o eth1 -p tcp -m tcp --dport 80 -j ACCEPT

Make sure that you have forwarding enabled in the kernel as well:
echo 1 > /proc/sys/net/ipv4/ip_forward

kevint · 04-23-2006, 08:29 PM

i had tried this rules previously and now tried it again but it still didn't work.
The browser keeps on browsing without return anything. i ran iptables -vn -t nat -L and i
get
3 144 DNAT tcp -- eth0 * 0.0.0.0/0 10.77.113.39 tcp dpt:80 to:192.168.1.10
and iptables -vn -L
12 576 ACCEPT tcp -- eth0 eth1 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
on the window 2003 server, i did turn off the firewall just for testing but nothing change.
how can i debug this problem??? the system log didn't tell me about it.

Capt_Caveman · 04-24-2006, 08:22 AM

Could you post your entire firewall script or the *full* output of "iptables -vnL" and "iptables -t nat -vnL".