LinuxQuestions.org
Old 02-18-2003, 03:19 PM   #1
Pcghost
Senior Member
 
Registered: Feb 2003
Location: The Real Washington
Distribution: Debian, Android
Posts: 1,819

Rep: Reputation: 46
Question TCP forward works, why not UDP??


I have successfully forwarded tcp connections on port 25 to our internal mail server. I use the same line to forward UDP connections on 5632 to an internal machine and it doesn't work. A port scan shows 25 open and responding, but it shows 5632 non-existent. What gives? Here is the rule I am using.

iptables -t nat PREROUTING -p udp --dport 5632 -d $EXTINT -j DNAT --to-destination 192.168.0.62:5632

also using this

iptables -A FORWARD -p udp --dport 5632 -d 192.168.0.62 -j ACCEPT

and last but not least

iptables -t nat -A POSTROUTING -p udp -d 192.168.0.62 --dport 5632 -j SNAT --to-source 192.168.0.56

.62 is the workstation to be forwarded to and from..
.56 is the Linux Proxy server doing the forwarding..

Does Iptables handle the forwarding of ports above 1024 the same as it does <1024? Or is there a difference in the way udp connections are forwarded?

Please help.. I really need to make this work. I got 25 forwarded after only a month and a half of trying. Thanks in advance..

Sorry to the mods for double posting. I am having difficulty editing/deleting my own posts. I tried to rewrite the first one and it said I didn't have permission. Again very sorry about this. I do know better than this.

Last edited by Pcghost; 02-18-2003 at 03:51 PM.
 
Old 02-18-2003, 04:31 PM   #2
SlickWilly
Member
 
Registered: Dec 2002
Posts: 327

Rep: Reputation: 30
Just reading your intentions I came up with the following :

Forward udp port 5632 to 192.168.0.62 from Linux box 192.168.0.56.

# $IPTABLES -t nat -A PREROUTING -p udp -d 192.168.0.56 --dport 5632 -j DNAT --to 192.168.0.62:5632
# $IPTABLES -A FORWARD -p udp -d 192.168.0.62 --dport 5632 -j ACCEPT

That should do you.

Not entirely sure why you're using the postrouting either.

*ponder*

You'll find that lots of games require forwarding a (range of) UDP port(s). Here's an example page you might want to peruse :

http://www2.farbot.com:81/linux/firewall_games.php

[edit]
It also appears you left off the -A in your first iptables line - the one before PREROUTING. Which isn't good..
[/edit]

[edit2]
Quote from sig:
Quote:
Networking Master
Time for a sig change methinks. *cough*
[/edit2]

Slick.

Last edited by SlickWilly; 02-18-2003 at 04:34 PM.
 
Old 02-18-2003, 05:33 PM   #3
Pcghost
Senior Member
 
Registered: Feb 2003
Location: The Real Washington
Distribution: Debian, Android
Posts: 1,819

Original Poster
Rep: Reputation: 46
Thanks for the help. Iptables is not included in my big headed signature line. :-)
 
Old 02-18-2003, 07:03 PM   #4
closer8888
LQ Newbie
 
Registered: Feb 2003
Posts: 2

Rep: Reputation: 0
Answer to the postrouting question. I found that to be the only workaround for forwarding. I think the problem has something to do with routing. I could use an answer to this problem also.
The problem is that ports do not get forwarded on the local network without postrouting them. Forwarding to a local NIC and address works fine.
 
Old 02-19-2003, 11:39 AM   #5
Pcghost
Senior Member
 
Registered: Feb 2003
Location: The Real Washington
Distribution: Debian, Android
Posts: 1,819

Original Poster
Rep: Reputation: 46
Quote:
Originally posted by SlickWilly
Just reading your intentions I came up with the following :

Forward udp port 5632 to 192.168.0.62 from Linux box 192.168.0.56.

# $IPTABLES -t nat -A PREROUTING -p udp -d 192.168.0.56 --dport 5632 -j DNAT --to 192.168.0.62:5632
# $IPTABLES -A FORWARD -p udp -d 192.168.0.62 --dport 5632 -j ACCEPT
Slick.
Thanks for the help. I am about to test this again. Quick question. In the above example you are forwarding port 5632 from the internal interface of the server to the internal nic on the client. Is that it? I have been forwarding from the external NIC on the server to the internal ip of the client. Back to the books I go.

EDIT: Woohoo that did it. Thanks for all the help. I really appreciate it... Woohoo!!

Last edited by Pcghost; 02-19-2003 at 02:04 PM.
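
A check for the two rules the working fix in this thread depends on, as an added example that is not part of any post: it reads `iptables-save` output and reports whether the UDP DNAT rule and a matching FORWARD accept are actually loaded (a PREROUTING line typed without `-A` is rejected and never shows up in the dump). The function names and the sample dump are constructed for illustration; the addresses and port are the ones used in the thread.

```shell
#!/bin/sh
# Added example (not from the thread). Audits `iptables-save` output, read on
# stdin, for a UDP port forward: the nat/PREROUTING DNAT rule plus a filter/
# FORWARD rule (or ACCEPT policy) that lets the translated packets through.
# usage: iptables-save | check_udp_forward PORT TARGET_IP
check_udp_forward() {
    awk -v port="$1" -v target="$2" '
        # Whole-token match, so port 563 never matches "--dport 5632".
        function has(s) { return index(line, " " s " ") > 0 }
        /^\*/ { table = substr($0, 2); next }   # "*nat", "*filter"
        { line = $0 " " }
        table == "filter" && /^:FORWARD ACCEPT / { fwd = 1 }
        table == "nat" && /^-A PREROUTING / && has("-p udp") &&
            has("--dport " port) && has("-j DNAT") &&
            has("--to-destination " target ":" port) { dnat = 1 }
        table == "filter" && /^-A FORWARD / && has("-p udp") &&
            (has("-d " target) || has("-d " target "/32")) &&
            has("--dport " port) && has("-j ACCEPT") { fwd = 1 }
        END {
            if (!dnat) print "missing: nat PREROUTING DNAT for udp/" port " -> " target
            if (!fwd)  print "missing: filter FORWARD ACCEPT for udp/" port " -> " target
            exit !(dnat && fwd)
        }'
}

# Constructed sample dump with both rules loaded (addresses from the thread).
sample_ok() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -d 192.168.0.56/32 -p udp -m udp --dport 5632 -j DNAT --to-destination 192.168.0.62:5632
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -d 192.168.0.62/32 -p udp -m udp --dport 5632 -j ACCEPT
COMMIT
EOF
}
# Same dump without the DNAT rule, as after a PREROUTING line that lacked -A.
sample_broken() { sample_ok | grep -v -e '-A PREROUTING'; }

sample_ok | check_udp_forward 5632 192.168.0.62 && echo "forward complete"
sample_broken | check_udp_forward 5632 192.168.0.62 || echo "forward incomplete"
```

On a live gateway, run it as root with `iptables-save | check_udp_forward 5632 192.168.0.62`; a non-zero exit status means at least one of the two rules is not loaded.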
 
  

