LinuxQuestions.org

Slackware 8.1 & Iptables Help (https://www.linuxquestions.org/questions/linux-networking-3/slackware-8-1-and-iptables-help-516353/)

siadam 01-12-2007 02:08 PM

Quote:

iptables -t nat -A PREROUTING -p tcp -d <YOUR PUBLIC IP> --dport 80 -j DNAT --to-destination 192.168.x.x:80

Used that and it worked, HOWEVER not completely.

I did not however add the 2nd rule yet. Will have to wait until I get back to work.

I enter the ip addy into a browser to hit the internal device..which brings up a log in page.

I then enter the username/password for the device and it says connect failed...

Keep in mind, doing the above steps from inside the lan works perfectly.

Does the 2nd rule that I left out create a path back out? I am not sure how it gets there and back, but when I enter the username/password it fails??

:cool:

siadam 01-17-2007 01:07 PM

Both rules added.

No luck, same problem.

??

loewen 01-22-2007 02:26 AM

Slackware 8.1 & Iptables Help
 
Remove POSTrouting for now. I am not sure it's needed. Just use PREROUTING TABLE as this will forward all packets from internet going to your public IP to your LAN webserver. I didn't include the forward as I assume it's allowed by your firewall already (all established connections forwarded). But here is an additional rule for the FORWARD tables. This basically verifies if the packet came from within the LAN (-i eth1) and should go through the iNet interface (-o eth0). I made sure that the LAN IP is the source though. Hope this works for you.


iptables -D PREROUTING -t nat -p tcp -d <PUBLIC-IP> --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j DNAT --to <LOCAL LAN IP>:80
iptables -D FORWARD -i eth1 -o eth0 -s <LOCAL LAN IP> -p tcp --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

If it still doesn't work, try specifying default rules for FORWARD to allow. Then add the PREROUTING rule.

siadam 01-22-2007 08:59 AM

I will try that.

Thank you for your time!!

:cool:

siadam 01-22-2007 10:23 AM

Odd problem. I restarted the box as to flush the old chains as I normally have when trying something new.

Well it says "Bad rule (does a matching rule exist in the chain?)"

Happened on both, so needless to say I could not enter them.

:confused:

siadam 02-02-2007 02:21 PM

Quote:

Originally Posted by siadam
Odd problem. I restarted the box as to flush the old chains as I normally have when trying something new.

Well it says "Bad rule (does a matching rule exist in the chain?)"

Happened on both, so needless to say I could not enter them.

:confused:

Bump.
:cool:

siadam 02-05-2007 09:40 AM

Well...I figured out the system was using a port number..entered that into the above rules and nothing..

So I am still stuck..

More bumpage...

:cool:

siadam 02-07-2007 02:29 PM

Quote:

Originally Posted by siadam
Well...I figured out the system was using a port number..entered that into the above rules and nothing..

So I am still stuck..

More bumpage...

:cool:


You guys give up on me or what?

:cool:

siadam 02-21-2007 12:42 PM

Quote:

Originally Posted by siadam
You guys give up on me or what?

:cool:

**Looks around room**

[/crickets]

:cool:

siadam 02-28-2007 03:13 PM

Still looking to figure this out..

Any help would be GREATLY appreciated.

Thanks in advance.
:cool:

siadam 02-28-2007 03:21 PM

Here is what I am working w/currently.

Quote:

$IPTABLES -F
$IPTABLES -t nat -F
$IPTABLES -t mangle -F
$IPTABLES -t nat -A POSTROUTING -o eth0 -j SNAT --to $EXT
$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A INPUT -m state --state NEW -i ! eth0 -j ACCEPT
$IPTABLES -P INPUT DROP

Flushed the old rules to start over..

Everything is fine, w/the exception that I can't access the device from outside the net.

:cool:

siadam 03-19-2007 12:17 PM

So I'll take this as a we don't know, or we don't care to help..

Still plugging away w/no luck...

:confused:
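
An added example, not written by any poster in this thread: a dry-run shell script for a complete port forward (DNAT in PREROUTING plus FORWARD rules in both directions, appended with `-A`), with a small lint that flags the two problems visible in the rules posted above, a `-D` (delete) rule, which produces "Bad rule" on a flushed chain, and a ruleset with no DNAT rule at all. The function names `forward_port` and `lint_rules`, the `-i eth0` match and the addresses 203.0.113.10 and 192.168.1.50 are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the thread). eth0 = internet, eth1 = LAN, as in the
# thread; the addresses in the demo are constructed placeholders.
# Dry run by default: commands are printed. Set IPTABLES to the real binary
# and run as root to apply them.
IPTABLES="${IPTABLES:-echo iptables}"

# forward_port PUBLIC_IP LAN_IP PORT
forward_port() {
    pub="$1"; lan="$2"; port="$3"
    # Rewrite the destination before routing. -A appends the rule; -D asks
    # iptables to delete a matching rule and fails on a flushed chain.
    $IPTABLES -t nat -A PREROUTING -i eth0 -p tcp -d "$pub" --dport "$port" \
        -j DNAT --to-destination "$lan:$port"
    # FORWARD runs after DNAT, so it matches the LAN address, inbound.
    $IPTABLES -A FORWARD -i eth0 -o eth1 -p tcp -d "$lan" --dport "$port" \
        -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
    # Replies from the device: source port is the service port.
    $IPTABLES -A FORWARD -i eth1 -o eth0 -p tcp -s "$lan" --sport "$port" \
        -m state --state ESTABLISHED,RELATED -j ACCEPT
}

# lint_rules PORT < rules-script
# Flags the two problems visible in the thread; returns 1 if any is found.
lint_rules() {
    port="$1"; rc=0; rules=$(cat)
    if printf '%s\n' "$rules" | grep -Eq -- '(^|[[:space:]])-D[[:space:]]'; then
        echo "rule uses -D (delete), use -A to add it"; rc=1
    fi
    if ! printf '%s\n' "$rules" | grep -e '-A PREROUTING' |
            grep -Eq -- "--dport $port .*-j DNAT"; then
        echo "no DNAT rule appended to PREROUTING for port $port"; rc=1
    fi
    return "$rc"
}

# Demo: print the rules for constructed addresses, forcing dry-run mode.
( IPTABLES="echo iptables"; forward_port 203.0.113.10 192.168.1.50 80 )
```

If the device's login uses a second port, as one of the posts above suggests, call `forward_port` once more with that port.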


All times are GMT -5.