I am having a problem with port forwarding on my Slackware machine.
The Windows 2000 server had to be moved to a new IP, but since this is only temporary, all of the clients couldn't be reconfigured to allow for this change. So I decided to put my Slackware server (usually a file/FTP server) at the IP that the clients would expect the Win2K server to be, and I planned on forwarding any ports to the Win2K server's new IP.
I wrote a very simple script to allow forwarding of DNS, WINS, SMTP (25 and 110), and HTTP to the new IP. But for some reason, only WINS, DNS and port 110 will work. HTTP and port 25 are not forwarded.
Here is my script:
Code:
# Make sure port forwarding is enabled
echo 1 > /proc/sys/net/ipv4/ip_forward
#
# Flush all rules
iptables -F
#
# Declare variables
DEST_IP=(10.16.50.11)
INT_NET=(10.16.0.0/24)
#
# Add forwarding rules
#
# Forward external services
# Web
iptables -t nat -A PREROUTING -p tcp --dport 80 -i eth0 -j DNAT --to $DEST_IP
# Incoming mail
iptables -t nat -A PREROUTING -p udp --dport 25 -i eth0 -j DNAT --to $DEST_IP
# Outgoing mail
iptables -t nat -A PREROUTING -p tcp --dport 110 -i eht0 -j DNAT --to $DEST_IP
# Forward WINS request ONLY for clients on the internal network
iptables -t nat -A PREROUTING -p udp -s $INT_NET --dport 1512 -i eth0 -j DNAT --to $DEST_IP
iptables -t nat -A PREROUTING -p tcp -s $INT_NET --dport 1512 -i eth0 -j DNAT --to $DEST_IP
# Forward DNS request
iptables -t nat -A PREROUTING -p udp --dport 53 -i eth0 -j DNAT --to $DEST_IP
iptables -t nat -A PREROUTING -p tcp --dport 53 -i eth0 -j DNAT --to $DEST_IP
# Print message
echo Port Forwarding configured
Keep in mind that while this system has only one interface (eth0) it has both a public and private IP. This is possible because the state network (which provides our internet connection) NATs our two public IPs to two private IPs that were assigned to us. Therefore, any machine that takes the private IP given to us by the state will also respond to the public IP.
Any help would be appreciated, since I have a hundred or so people who don't like to be without email.
OK, now it looks like port 25 isn't getting routed properly from the internet. I know that mail isn't getting in from the state, so it is a good bet it is closed.
Why won't this script route anything properly (except for DNS, which doesn't seem to work through telnet, but I can access the DNS server through it)?
I really need help getting port 25 and 80 to the server, the staff is getting more annoying by the day.
Does the other end have any firewall or such?
I just tried to follow an SMTP connection (using telnet) between my box and my SMTP server, and it looks like the server requests a connection through the AUTH port (113) during the process. And since you aren't forwarding 113 as well, your client connection dies at this time. I have no idea what 110 is, but it is probably the same problem.
Sorry dude, you'll need a firewall on your Win2k box (if that thing is possible)
Make sure to use tcpdump next time
I actually just fixed the problem about 5 minutes ago.
Apparently the entire machine was screwed up. It was missing modules that it never bothered to mention, couldn't compile software, and the iptables scripts did nothing.
I just used the same method on a different Slackware machine, and it all worked fine.
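A forwarding script like the one posted at the top of the thread can be checked statically before it is loaded, because iptables itself accepts rules that can never match. The following is an added example, not code from any poster in the thread: `sample_rules` and `lint_rules` are hypothetical names, the interface list is assumed to be supplied by the caller, and the `-F` check goes slightly beyond the symptoms discussed above.

```shell
# Rule lines copied from the script posted in the thread (variables unexpanded).
sample_rules() {
cat <<'EOF'
iptables -F
iptables -t nat -A PREROUTING -p tcp --dport 80 -i eth0 -j DNAT --to $DEST_IP
iptables -t nat -A PREROUTING -p udp --dport 25 -i eth0 -j DNAT --to $DEST_IP
iptables -t nat -A PREROUTING -p tcp --dport 110 -i eht0 -j DNAT --to $DEST_IP
iptables -t nat -A PREROUTING -p udp --dport 53 -i eth0 -j DNAT --to $DEST_IP
EOF
}
# lint_rules "IFACES": read iptables commands on stdin, print one finding each.
# IFACES: space-separated interfaces on the host (assumed supplied by the caller).
lint_rules() {
    known=" $1 "
    n=0
    while IFS= read -r line; do
        case $line in iptables*) n=$((n + 1)) ;; *) continue ;; esac
        proto='' port='' iface='' table='' flush='' prev=''
        set -f                      # split into words without glob expansion
        for tok in $line; do
            case $prev in
                -p) proto=$tok ;;
                --dport) port=$tok ;;
                -i) iface=$tok ;;
                -t) table=$tok ;;
            esac
            [ "$tok" = -F ] && flush=1
            prev=$tok
        done
        set +f
        # SMTP (25), HTTP (80) and POP3 (110) run over TCP; a udp match never fires.
        case $port in
            25|80|110) [ "$proto" = tcp ] || echo "rule $n: port $port runs over TCP, rule matches -p ${proto:-any}" ;;
        esac
        # iptables does not validate interface names, so a typo fails silently.
        if [ -n "$iface" ]; then
            case $known in
                *" $iface "*) ;;
                *) echo "rule $n: interface $iface is not on this host" ;;
            esac
        fi
        # -F without -t flushes only the filter table; old nat rules survive re-runs.
        if [ -n "$flush" ] && [ -z "$table" ]; then
            echo "rule $n: -F without -t nat leaves earlier DNAT rules in place"
        fi
    done
    return 0
}
sample_rules | lint_rules "eth0 lo"   # prints three findings
```

On a live host the interface list can be taken from /sys/class/net, and `iptables -t nat -L PREROUTING -n -v` shows per-rule packet counters that confirm whether a rule is matching at all.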