port forwarding problem

roueleader · 02-02-2002, 10:57 PM

I am running a smoothwall firewall 0.9.9 SE
I am trying to port forward port 80 to my web server
I have setup all the port forwarding and external services,
however I still cannot get to my web site from my RED network
I can get to it from my Green Network,
My web server is on a redhat 7.2 system running the apache web server.

DavidPhillips · 02-03-2002, 12:26 AM

we may need to know what red and green networks are associated with

here is my forwarding rule

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 10.0.0.2

as you can see it will forward the outside traffic on eth0 to the other machine but it will not forward it from the lan side on eth1

so from the lan I access the machine itself.

from the internet you would access the other machine

pluggen · 02-20-2002, 10:59 AM

i don't really understand what you are saying now...

I'm having the same problem, under the services tab i defined that tcp port 80 should be forwarded to ip 192.168.0.2:80... from the green network i can access the orange server, but i cannot acces my orange server from the internet...

config:
GREEN --> 10.0.0.x (subnet 255.255.0.0)
ORANGE-->192.168.0.x (subnet 255.255.0.0)
Smoothwall can ping the orange server
When pinging from orange machine i get:
Reply from 192.168.0.1: Destination port unreachable.
I double checked the tcp/ip settings on both machines, and those are fine.

DavidPhillips · 02-20-2002, 08:14 PM

not being able to ping the machine may be a firewall issue.

otherwise maybe another rule is superceeding the port 80 forwarding rule.

move the deny rules to the bottom

pluggen · 02-21-2002, 04:12 AM

there are no deny rules (for what i thought)....i just left the firewall alone after installation...

what do U suggest?

pluggen · 02-21-2002, 08:39 AM

all is working fine now!

redur · 06-09-2002, 03:45 PM

Pluggen - what did u do to fix the broblem?

tontod · 06-10-2002, 06:01 PM

David Phillips: This is a simple question, but how do you forwarding multiple ports? Do you have to write a small script or something?

DavidPhillips · 06-11-2002, 04:36 PM

just make a rule for each port with the port and what machine to forward it to

DavidPhillips · 06-11-2002, 04:44 PM

Here's an example of one rule for multiple ports

$IPTABLES -A udpincoming_packets -p UDP -s 0/0 --source-port 2001:2025 -j ACCEPT
$IPTABLES -t nat -A PREROUTING -d 0/0 -p udp --destination-port 2001:2025 -i INET_IFACE -j DNAT --to 192.168.0.4
#

here's another
$IPTABLES -t nat -A PREROUTING -d 0/0 -p udp --destination-port 32766:32809 -i INET_IFACE -j DNAT --to 192.168.0.5