I'm having this problem with iptables:

I have a firewall (linux) connected to the internet. It's my lan's (few computers) gateway.

I have set a web server in one of my lan's computers. I want internet's requests coming to port 9000 of my gateway to be forwarded to my internal web server (port 8888) so it can handle the requests (I'm knid of freaky.... that's why I use this ports :P).

I added one rule to PREROUTING to achieve this:

In FORWARD, there's no rule... the policy is ACCEPT

I added one restriction to the MASQUERADE rule of POSTROUTING so that this packets (the ones i'm talking about in the problem) don't get masqueraded (I thought this was the problem... but it seems it wasn't). POSTROUTING policy is accept as well.

i have checked that the packets arriving at the port 9000 are being accounted for in iptable's rule counter (iptables -L -v).

At the web browser, i get a connection refused message. At first, i thought the traffic was having a problem because of it being masqueraded after hitting the fireall... but as I told you, that wasn't the problem, because I'm only masquerading traffic from the lan itself.

I have noticed that NO TRAFFIC is being forwarded to the web server. No request is left at the internal server's log. No traffic is incoming from the gateway (to the internal web server).

What can be the problem?

I'd appreciate any help. Thanks!

Hi, I know this reply comes late, but I found your post when I issued a similar problem.

One friendly fellow here told me that changing the port is not a good idea for http-requests, because the port is stored in the http-headers as well !

So you cold try to change the port where youre http-sever listens to 9000, for example !

Please let me know if this was succesful !

Regards, Michael

After all that, You could probably be missing this
Checkback.