LinuxQuestions.org
Old 12-02-2001, 07:31 PM   #1
jbrandis
LQ Newbie
 
Registered: Dec 2001
Location: Sydney
Distribution: red hat 7.1
Posts: 6

Rep: Reputation: 0
iptables - not passing packets to server


G'day all.
Having massive problems with IPTABLES. Wish to pass traffic coming from the net to our web server on the private LAN.

ETH0=203.34.217.21
ETH1=192.168.1.21

www=192.168.1.30

Using Mandrake 8.1, I tried the following to get it working in its most simple form.

iptables -t nat -A PREROUTING -i eth0 -p tcp -d 203.34.217.21 --dport 80 -j DNAT --to 192.168.1.30:80
iptables -A FORWARD -i eth0 -o eth1 -p tcp -d 192.168.1.30 --dport 80 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/24 -j SNAT --to-source 203.34.217.21

Also made sure I had ip_forward set to "1"

Packets are not making it out the internal interface...
Can anyone help?
Thanks all
John
jbrandis@entellect.com.au
 
Old 12-02-2001, 11:25 PM   #2
didget
LQ Newbie
 
Registered: Dec 2001
Posts: 8

Rep: Reputation: 0
If you find out how to do it, please let me know. I'm also stuck on the same problem.
 
Old 12-03-2001, 12:28 PM   #3
raz
Member
 
Registered: Apr 2001
Location: London
Posts: 408

Rep: Reputation: 31
John,

I suggest you try the line I gave didget in his post.
http://www.linuxquestions.org/questi...?threadid=9530

Also join the thread as you both have the same issue.

/Raz
 
Old 12-03-2001, 08:46 PM   #4
jbrandis
LQ Newbie
 
Registered: Dec 2001
Location: Sydney
Distribution: red hat 7.1
Posts: 6

Original Poster
Rep: Reputation: 0
Problem resolved

PROBLEM RESOLVED

I feel so stupid. The most simple error. I had a mate have a look at it for me. He indicated that the firewall was not getting any packets back from the initial request (the packet being forwarded/masqd). It then hit me, the default gateway on the target machine was not pointing to the correct gateway.

I changed the gateway settings on the target machine and it all started to work...

It's the most simple problems that cause the most disruption, that we always overlook.

Thanks for your time everyone.
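
Added example, not part of any post in this thread: a check to run on the DNAT target (192.168.1.30) that reads `ip route show` output and reports whether a reply to a forwarded request would return through the firewall's LAN address 192.168.1.21, which it must do for the DNAT to be reversed. The sample routing tables, the wrong gateway 192.168.1.1 and the client address 198.51.100.7 are constructed for illustration, and the iproute2 output format is assumed.

```shell
#!/bin/sh
FW_LAN_IP=192.168.1.21   # firewall eth1 address, from the thread
LAN_PREFIX=192.168.1.    # the /24 LAN from the thread (prefix match suffices for a /24)

# Constructed `ip route show` samples for the web server, before and after the fix.
# 192.168.1.1 is a hypothetical wrong gateway, not a value from the thread.
BEFORE='default via 192.168.1.1 dev eth0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.30'
AFTER='default via 192.168.1.21 dev eth0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.30'

# default_gw: print the gateway of the first default route found on stdin.
default_gw() {
    awk '$1 == "default" && $2 == "via" { print $3; exit }'
}

# reply_path CLIENT_IP: routing table on stdin. Prints one of
#   direct        client is on the LAN; the reply never uses the default route
#   via-firewall  reply goes back through the box that performed the DNAT
#   bypass:<gw>   reply leaves via another gateway, so the DNAT is never reversed
#   no-default    no default route; the server cannot answer off-LAN clients
reply_path() {
    client=$1
    case $client in
        "$LAN_PREFIX"*) echo direct; return 0 ;;
    esac
    gw=$(default_gw)
    if [ -z "$gw" ]; then
        echo no-default
    elif [ "$gw" = "$FW_LAN_IP" ]; then
        echo via-firewall
    else
        echo "bypass:$gw"
    fi
}

# On the web server itself:  ip route show | reply_path 198.51.100.7
```

A client on the server's own subnet is answered directly, so a successful test from inside the LAN says nothing about the return path for Internet clients.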
 
Old 12-09-2001, 05:44 PM   #5
didget
LQ Newbie
 
Registered: Dec 2001
Posts: 8

Rep: Reputation: 0
I'm still stuck

Hmmm, I don't have the target's gateway pointed to the firewall IP either, but it shouldn't matter as long as it is broadcasting on the right internal IP. I assume this because I can connect to it via lynx from the firewall. Any ideas? I'm getting really frustrated.
 
  

