port based nating with iptables

shiladitya · 10-01-2013, 01:17 AM

on eth0 port we have public ip and eth1 we have ip 10.31.0.1 which provides dhcp and squid service.Port 8080,53,67,80,443 is open.Now for an application we have to open 1521,8443 port so that it can hit remote server 1521,8443 port. But only opening port is not helping us connect to remote server. So we need to enalble nat for this specific port request. By what iptable command can we accomplish port based nating. Pl guide.

SAbhi · 10-01-2013, 02:04 AM

what you have in your iptables, share the output from iptables -L and iptables -t nat -L

shiladitya · 10-02-2013, 11:34 PM

The server fuction squid proxy server no nat rules are enabled and in input chains the ports 80,443,25,67,53 are opened and in input chain 1521,8443 for application

SAbhi · 10-03-2013, 05:54 AM

ok,
so with all info provided i can assume you need to open a port for your application to hit a remote server at a specific port.

on a pre-assumption this could be of help:

Code:

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 1521 -j REDIRECT --to-ports [your_remote_server_ip]:1521

Quote:

But only opening port is not helping us connect to remote server. So we need to enalble nat for this specific port request. By what iptable command can we accomplish port based nating. Pl guide.

How did you opened the port ?
what have you tried till now ?
did you checked squid logs to confirm it is blocking your application?
did you checked application access logs to check whether it ever hit the remote server ?

It is Always advised to share proper content to get a proper answer.

shiladitya · 10-08-2013, 03:58 AM

When I tried to enable nating of port following error is comming
iptables v1.4.7: IP address not permitted.
checking the port is open or not by telnet the port.