LinuxQuestions.org


tontod 06-09-2002 01:45 PM

Question about iptables
 
I'm having a problem setting up port forwarding using iptables in Red Hat 7.3. I went to ipmasq.cjb.net and followed the HOWTO instructions, but it still doesn't work.


#Load the NAT module (This pulls in all the others).
#modprobe iptable_nat

EXTIF=ppp0
INTIF=eth1

IPTABLES=/sbin/iptables
/sbin/depmod -a
/sbin/insmod ip_tables
/sbin/insmod ip_conntrack
/sbin/insmod ip_conntrack_ftp ports=21,500
/sbin/insmod iptable_nat
/sbin/insmod ip_nat_ftp
echo " clearing any existing rules and setting default policy.."

PORTFWIP="192.168.0.2"

$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -p tcp \
--dport 500 -m state \
--state NEW,ESTABLISHED,RELATED -j ACCEPT

$IPTABLES -A PREROUTING -t nat -p tcp -d $EXTIP --dport 500 \
-j DNAT --to $PORTFWIP:500



$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -t nat -F

echo " FWD: Allow all connections OUT and only existing and related ones IN"
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state \
--state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
$IPTABLES -A FORWARD -j LOG

echo " Enabling SNAT (MASQUERADE) functionality on $EXTIF"
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

echo -e "\nrc.firewall-2.4 v$FWVER done.\n"


#Turn on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward



When I run the file, I don't get errors except on the lines with the port forwarding, where I get this error:
Bad argument `500'

Anyone have any ideas why? Let me know, thanks.






:confused:

Noerr 06-10-2002 07:08 AM

hmm
1.) your variable $EXTIP isn't defined
2.) you are defining rules, and then wiping them out??
You need to take a look at what you are doing.
Otherwise it should work somehow.

tontod 06-10-2002 04:52 PM

iptables
 
I changed the $EXTIP to $EXTIF, but now it says host/network ppp0 not found. I also commented out the 7 lines of iptables.

tontod 06-10-2002 05:03 PM

iptables
 
I was defining it twice because that's how it was on ipmasq.cjb.net. I still get ppp0 not found, which does not make sense, since ppp0 is listed if I do ifconfig.
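Added example, not part of the thread or of the ipmasq.cjb.net HOWTO: a dry-run generator that addresses the two points Noerr raises, by refusing an empty or non-address value for the -d match (which takes an IP address, not an interface name such as ppp0) and by emitting the policy and flush lines before the forwarding rules. The function names and the external address 203.0.113.10 are assumptions made for illustration; the interfaces, internal host and port are the ones posted above.

```shell
#!/bin/sh
# Added example: prints the rules instead of running iptables, so it can be
# reviewed without root. 203.0.113.10 is a constructed external address.

# Succeeds only for a dotted-quad IPv4 address; an empty string or an
# interface name such as ppp0 is rejected before it reaches "-d".
is_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Usage: emit_portfw_rules EXTIF INTIF EXTIP PORTFWIP PORT
emit_portfw_rules() {
    extif=$1; intif=$2; extip=$3; fwip=$4; port=$5
    if [ -z "$extif" ] || [ -z "$intif" ]; then
        echo "interface name missing" >&2; return 1
    fi
    is_ipv4 "$extip" || { echo "EXTIP is not an IP address: '$extip'" >&2; return 1; }
    is_ipv4 "$fwip" || { echo "PORTFWIP is not an IP address: '$fwip'" >&2; return 1; }
    case $port in ''|*[!0-9]*) echo "bad port: '$port'" >&2; return 1 ;; esac
    # Policies and flushes come first so they cannot wipe the rules below.
    cat <<EOF
iptables -P FORWARD DROP
iptables -F FORWARD
iptables -t nat -F
iptables -A FORWARD -i $extif -o $intif -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $intif -o $extif -j ACCEPT
iptables -A FORWARD -i $extif -o $intif -p tcp -d $fwip --dport $port -m state --state NEW -j ACCEPT
iptables -A FORWARD -j LOG
iptables -t nat -A PREROUTING -i $extif -p tcp -d $extip --dport $port -j DNAT --to-destination $fwip:$port
iptables -t nat -A POSTROUTING -o $extif -j MASQUERADE
EOF
}

# Values from the thread, plus the constructed external address.
emit_portfw_rules ppp0 eth1 203.0.113.10 192.168.0.2 500
```

The printed lines can be reviewed and then piped to a root shell; on a dial-up link whose address changes, EXTIP has to be looked up again after each connect.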


All times are GMT -5.