LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 11-28-2001, 02:04 PM   #1
nymig94
LQ Newbie
 
Registered: Nov 2001
Posts: 1

Rep: Reputation: 0
Angry Port Forward with iptables


Newbie to linux and wanted to run internal web servers on my lan. Have tried numerous configurations to have iptables forward ports from linux box to internal lan. Connections from outside the network work fine, but connections from the lan get "connection refused" errors. Any suggestions??? Below is the current config:


$IPTABLES -F
$IPTABLES -F INPUT
$IPTABLES -F OUTPUT
$IPTABLES -F FORWARD
$IPTABLES -F -t mangle
$IPTABLES -F -t nat
$IPTABLES -X
$IPTABLES -P INPUT DROP
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -P FORWARD ACCEP

echo 1 > /proc/sys/net/ipv4/ip_forward
$IPTABLES -t nat -A POSTROUTING -o eth1 -j MASQUERADE
$IPTABLES -t nat -A PREROUTING -p tcp -d 65.xxx.xxx.xxx --dport 80 -j DNAT --to 192.168.1.X:80
$IPTABLES -t nat -A PREROUTING -p tcp -d 65.xxx.xxx.xxx --dport 2050 -j DNAT --to 192.168.1.X:80
 
Old 11-29-2001, 07:15 AM   #2
mjakob
Member
 
Registered: Feb 2001
Posts: 69

Rep: Reputation: 15
You should take a look at the following:

http://www.linuxports.com/howto/IP-MASQ/x1525.htm

and then checkout ipmasqadm. It is talked about in the above readme and is my favorite way to forward ports through a firewall.

-Mark
 
Old 11-30-2001, 05:07 PM   #3
jrmann1999
Member
 
Registered: Feb 2001
Location: Texas
Distribution: Slackware, Mandrake, LFS
Posts: 306

Rep: Reputation: 30
I did something similar for FTP setup and had to go from:

/sbin/iptables -t nat -A PREROUTING -d 5.6.7.8 --dport 4000 -j DNAT --to 1.2.3.4:4000

to

/sbin/iptables -t nat -A PREROUTING -d 5.6.7.8 -s ! 1.2.3.4 --dport 4000 -j DNAT --to 1.2.3.4:4000

Or I got some terrible loop between my ftp machine and the firewall rerouting back to itself.
 
Old 12-02-2001, 10:07 PM   #4
dangel
Member
 
Registered: Nov 2001
Location: atl
Distribution: redhat
Posts: 52

Rep: Reputation: 15
i'm having the same problem. iptables starting to make me scratch my head ... hard! i type the SAME exact thing as what you have and i get an error message that --dport isn't understood. BUT when i put in the protocol (ie -p TCP) it works fine.
why is that? why do i *HAVE* to specify the protocol? did you?
 
Old 12-02-2001, 10:10 PM   #5
jrmann1999
Member
 
Registered: Feb 2001
Location: Texas
Distribution: Slackware, Mandrake, LFS
Posts: 306

Rep: Reputation: 30
Heh, it's because I'm a retard and forgot -p tcp
you must specify the protocol.
 
Old 12-02-2001, 10:22 PM   #6
dangel
Member
 
Registered: Nov 2001
Location: atl
Distribution: redhat
Posts: 52

Rep: Reputation: 15
lol.

ok, thanks! still lmao.

still doesn't work though! bah. ipmasqadm worked so well too. not sure why iptables is giving me such a hard time. can't get any of the portfwarding to work. (proxy server, dns, web)
grrrrrr.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
IPTABLES port Forward abhijeetudas Linux - Networking 1 12-02-2005 05:00 AM
iptables forward one port on same IP baetmaen Linux - Networking 2 01-27-2005 09:47 AM
IPtables Forward 1 Port to another on the same IP KevinB Linux - Networking 2 01-13-2005 11:56 PM
How to port forward with IPTABLES... Scrag Linux - Security 6 12-13-2004 05:57 AM
IPTABLES port forward wanaka Linux - Security 3 09-28-2004 08:07 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 01:08 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration