G'day all.
Having massive problems with IPTABLES. Wish to pass traffic coming from the net to our web server on the private LAN.

ETH0=203.34.217.21
ETH1=192.168.1.21

www=192.168.1.30

Using mandrake 8.1, I tried the following to get it working in its most simple form.

iptables -t nat -A PREROUTING -i eth0 -p tcp -d 203.34.217.21 --dport 80 -j DNAT --to 192.168.1.30:80
iptables -A FORWARD -i eth0 -o eth1 -p tcp -d 192.168.1.30 --dport 80 -j accept
iptables-t nat -A POSTROUTING -o eth0 -s 192.168.0.0/24 -j SNAT --to-source 203.34.217.21

Also made sure I had ip_forward set to "1"

Packets are not making it out the internal interface...
Can any one help ?
Thanks all
John
jbrandis@entellect.com.au

If you find out how to do it, please let me know. I'm also stuck on the same problem.

John,

I suggest you try the line I gave didget in his post.
http://www.linuxquestions.org/questi...?threadid=9530

Also join the thread as you both have the same issue.

/Raz

PROBLEM RESOLVED

I feel so stupid. The most simple error. I had a mate have a look at it for me. He indicated that the firewall was not getting any packets back from the initial request (the packet being forwarded/masqd). It then hit me, the default gateway on the target machine was not pointing to the correct gateway.

I changed the gateway settings on the target machine and it all started to work...

Its the most simple problems that cause the most disruption, that we always overlook.

Thanks for your time every one.

Hmmm, I don't have the target's gateway pointed to the firewall IP either but it shouldn't matter as long as it broadcasting on the right internal ip. I assume this because I can connect to it via lynx from the firewall. Any Ideas? I'm getting really frustrated