Ok, I am trying to get a handle on doing all the PREROUTING, FORWARDING, and POSTROUTING required for Gnutella to work properly behind my Linux NAT/Firewall/Router running on my home network. I have found many, many related posts on the 'net, but none are clear or inclusive, i.e., they don't address all of the requirements, or, if they do, the commands are spread out over the iptables config file such that I can't find which ones I need and which ones I do not need.
Here is my setup using ASCII art:
[Internet]---[eth0][Linux NAT/FW/Router][eth1]---[Gnutella Host]
Here is my idea of what commands I need to get it all to work:
##accept incoming gnutella packets
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 6346 -j DNAT --to-destination 10.0.0.3:6346
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 6346 -j DNAT --to-destination 10.0.0.3:6346
##Ok, they're accepted and set to go to 10.0.0.3, now forward them to the correct system
iptables -A FORWARD -i eth0 -o eth1 -p tcp -d 10.0.0.3 --dport 6346 -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -p udp -d 10.0.0.3 --dport 6346 -j ACCEPT
##Allow the Gnutella host to also connect to other Gnutella hosts
##(one protocol per rule, and -p has to come before --sport/--dport)
iptables -A FORWARD -i eth1 -o eth0 -p tcp -s 10.0.0.3 --sport 1024: --dport 6346 -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -p udp -s 10.0.0.3 --sport 1024: --dport 6346 -j ACCEPT
##the Gnutella host needs to reply, but make it look like the reply is from the Internet connection
iptables -t nat -A POSTROUTING -o eth0 -s 10.0.0.3 -j MASQUERADE
First, is any of this redundant? Second, do I need to add anything to allow the Gnutella host to send replies back to systems that connect to it? How about allowing it to connect out?
Thank you for reading this far, thank you even more if you reply with helpful information.
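A complete rule set for the setup drawn above, as an added example and not code from the original post. It assumes eth0 is the Internet side, eth1 the LAN side, the Gnutella host is 10.0.0.3 listening on TCP and UDP 6346, the FORWARD chain's default policy is DROP, and the kernel has the conntrack match. It adds the one piece the post's list is missing, a stateful FORWARD rule, which is what lets replies through in both directions without any per-direction "reply" rules; the IPT variable can be set to echo to print the rules instead of applying them.

```shell
#!/bin/sh
# Added example: minimal iptables rules for one Gnutella host behind a
# two-interface Linux NAT box. Assumed values (change to match your network):
#   WAN=eth0, LAN=eth1, GNUTELLA_HOST=10.0.0.3, GNUTELLA_PORT=6346
# Run as root with "apply" to install the rules; IPT=echo prints them instead.

IPT="${IPT:-iptables}"
WAN=eth0
LAN=eth1
GNUTELLA_HOST=10.0.0.3
GNUTELLA_PORT=6346

gnutella_rules() {
    # 1. Stateful rule first: packets belonging to a connection that was already
    #    accepted in either direction are forwarded without further checks.
    #    This covers the Gnutella host's replies to inbound connections and the
    #    peers' answers to its outbound ones, so no separate reply rules and no
    #    MASQUERADE of replies are needed (conntrack un-NATs them automatically).
    "$IPT" -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    for proto in tcp udp; do
        # 2. Inbound: rewrite the destination of new connections arriving on the
        #    WAN port to the Gnutella host (PREROUTING runs before the routing
        #    decision, so the packet is then routed towards eth1).
        "$IPT" -t nat -A PREROUTING -i "$WAN" -p "$proto" --dport "$GNUTELLA_PORT" \
            -j DNAT --to-destination "$GNUTELLA_HOST:$GNUTELLA_PORT"
        # 3. ...and let those rewritten packets through the FORWARD chain.
        "$IPT" -A FORWARD -i "$WAN" -o "$LAN" -p "$proto" -d "$GNUTELLA_HOST" \
            --dport "$GNUTELLA_PORT" -m conntrack --ctstate NEW -j ACCEPT
    done

    # 4. Outbound: allow the Gnutella host to open new connections to peers.
    #    Gnutella peers listen on arbitrary ports, so no --dport restriction here;
    #    narrow it to a port list if your policy requires it.
    "$IPT" -A FORWARD -i "$LAN" -o "$WAN" -s "$GNUTELLA_HOST" \
        -m conntrack --ctstate NEW -j ACCEPT

    # 5. Source NAT for new connections the host opens towards the Internet.
    #    Match on the outgoing interface, not on --sport: the source port of an
    #    outbound connection is ephemeral, so a "--sport 6346" rule never fires.
    "$IPT" -t nat -A POSTROUTING -o "$WAN" -s "$GNUTELLA_HOST" -j MASQUERADE
}

# Install only when explicitly asked, so sourcing the file is harmless.
if [ "${1:-}" = "apply" ]; then
    gnutella_rules
fi
```

Check the result with `iptables -t nat -L -n -v` and `iptables -L FORWARD -n -v`; the packet counters on the ESTABLISHED,RELATED rule should climb as soon as a peer connects, which confirms replies are taking the stateful path.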