LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 06-14-2007, 03:53 PM   #1
ajaimes
Member
 
Registered: Dec 2004
Distribution: Ubuntu
Posts: 34

Rep: Reputation: 15
DNAT configuration


Hello experts!

DNAT is driving me crazy!, I can't make it work...

iptables -t nat -A PREROUTING -d 10.10.20.99 -j DNAT --to-destination 10.10.14.2

what do you recommend to troubleshoot this???

thank you
 
Old 06-14-2007, 04:55 PM   #2
Brian1
LQ Guru
 
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 65
Are you trying to foward all outside ports to that internal IP?
Or have you open some ports on the wan interface?
Is what you need through being block on the external wan interface?

If so then does Firewall have all or the needed outside external ports opened to the outside then the rule should send anything coming in to that IP. It would be better to forward only the needed ports to the machine. Then open the needed ports to the outside wan port.

Example of a single port. You can set it up to use multiple ports on the same line or I perfer a line for each forwarded port.
Code:
#	$IPTABLES -t nat -A PREROUTING -i $EXTERNAL_INTERFACE -p tcp -d $EXT_IP --dport 80 \
#		-j DNAT --to-destination 192.168.3.58:80
Brian
 
Old 06-14-2007, 05:07 PM   #3
ajaimes
Member
 
Registered: Dec 2004
Distribution: Ubuntu
Posts: 34

Original Poster
Rep: Reputation: 15
I tried doing a port by port DNAT but didn't work, that's why I thought about DNATing everything, but didn't get any luck...
 
Old 06-14-2007, 05:09 PM   #4
ajaimes
Member
 
Registered: Dec 2004
Distribution: Ubuntu
Posts: 34

Original Poster
Rep: Reputation: 15
I'm sorry, I misunderstood your question... how do I check which ports are open?
 
Old 06-14-2007, 05:32 PM   #5
ajaimes
Member
 
Registered: Dec 2004
Distribution: Ubuntu
Posts: 34

Original Poster
Rep: Reputation: 15
I found the solution I was missing: iptables -P FORWARD ACCEPT

thank you
 
Old 06-15-2007, 03:48 PM   #6
Brian1
LQ Guru
 
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 65
Glad to see you have it working. The way I check for open ports is if the machine is the one connnected to the internet is goto this site or many others and have it scan ones machines. http://www.hackerwatch.org/probe/

Brian
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Dnat sanjibgupta Linux - Networking 2 04-19-2007 04:56 AM
dnat module jelgavchik Linux - Networking 1 01-18-2005 07:52 AM
dnat kapcreations Linux - Networking 1 12-28-2004 04:12 PM
IP Tables DNAT hakcenter Linux - Networking 5 11-02-2003 10:35 PM
iptables DNAT bentz Linux - Networking 15 05-19-2003 01:17 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 07:08 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration