Port Forwarding Problem using IPTABLES
Hello!
Please.. I need help.
I have a problem with setting up my iptables.
I need to forward port 80 and other useful ports to my local machine.
Aside from port forwarding, I also configured NAT for other PCs in my local
network to access the internet. NAT works fine except for my port forward.
I just get confused because other ports being forwarded work just fine, e.g.
port 25 (smtp), but I just can't forward port 80. I think the problem is with the
return packets that are forwarded back into my server.
Below is the complete script running in my Linux box... Please help. There should be something wrong with my script.
Thanks!!...

#!/bin/sh
#Load NAT module
modprobe ip_tables
modprobe ip_conntrack
modprobe iptable_nat
modprobe ip_conntrack_ftp
modprobe ip_nat_ftp
#Turn IP Forward
sysctl -w net.ipv4.ip_forward=1
#Flush NAT POSTROUTING CHAIN
iptables -t nat -F POSTROUTING
# Add Iptables nat to eth0 (local loop back)
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# Flush PREROUTING CHAIN
iptables -t nat -F PREROUTING
iptables -t nat -F OUTPUT
#forward http port
iptables -t nat -A PREROUTING -p tcp --dport 80 -i eth0 -j DNAT --to-destination 192.36.253.2
#forward other ports for mail
iptables -t nat -A PREROUTING -p tcp --dport 25 -i eth0 -j DNAT --to-destination 192.36.253.2
iptables -t nat -A PREROUTING -p tcp --dport 443 -i eth0 -j DNAT --to-destination 192.36.253.2
iptables -t nat -A PREROUTING -p tcp --dport 1352 -i eth0 -j DNAT --to-destination 192.36.253.2
# Flush forward chain
iptables -F FORWARD
iptables -A FORWARD -s 192.36.253.2 -j ACCEPT
iptables -A FORWARD -d 192.36.253.2 -j ACCEPT
#set drop rules
# All access
iptables -A FORWARD -m mac --mac-source 00:02:55:07:47:03 -j ACCEPT #ibmserver
iptables -A FORWARD -m mac --mac-source 00:04:75:C7:61:69 -j ACCEPT #Access_server
# Deny everyone else
iptables -A FORWARD -s 192.36.253.0/16 -j DROP

Thank You for replying
Regards,
^vampire^
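
A read-only check over the rules posted above, added here as an example and not part of the original post: it lists each DNAT forward and flags FORWARD ACCEPT rules that match the forwarded host by address alone, which pass every port to that host and not only the forwarded ones. The function names are made up for this example; the sample rules are copied from the script above.

```shell
#!/bin/sh
# Added example: audits iptables commands as text; it never runs iptables.
# SAMPLE_RULES is copied from the script in the post above.
SAMPLE_RULES='iptables -t nat -A PREROUTING -p tcp --dport 80 -i eth0 -j DNAT --to-destination 192.36.253.2
iptables -t nat -A PREROUTING -p tcp --dport 25 -i eth0 -j DNAT --to-destination 192.36.253.2
iptables -t nat -A PREROUTING -p tcp --dport 443 -i eth0 -j DNAT --to-destination 192.36.253.2
iptables -t nat -A PREROUTING -p tcp --dport 1352 -i eth0 -j DNAT --to-destination 192.36.253.2
iptables -A FORWARD -s 192.36.253.2 -j ACCEPT
iptables -A FORWARD -d 192.36.253.2 -j ACCEPT'

# awk helper shared by both functions: the value following an option flag.
AWK_OPT='function opt(flag,   i) {
    for (i = 1; i < NF; i++) if ($i == flag) return $(i + 1)
    return ""
}'

# dnat_targets (hypothetical name): print "proto port dest" per DNAT rule.
dnat_targets() {
    awk "$AWK_OPT"'
    opt("-j") == "DNAT" { print opt("-p"), opt("--dport"), opt("--to-destination") }'
}

# wide_forward_accepts (hypothetical name): print FORWARD ACCEPT rules that
# match a DNAT destination host by address only, with no port restriction.
wide_forward_accepts() {
    rules=$(cat)
    hosts=$(printf '%s\n' "$rules" | dnat_targets | awk '{ print $NF }' | sort -u | tr '\n' ' ')
    printf '%s\n' "$rules" | awk -v hosts="$hosts" "$AWK_OPT"'
    BEGIN { n = split(hosts, h, " "); for (k = 1; k <= n; k++) fwd[h[k]] = 1 }
    opt("-A") == "FORWARD" && opt("-j") == "ACCEPT" &&
    opt("--dport") == "" && opt("--sport") == "" {
        d = opt("-d"); s = opt("-s")
        if ((d in fwd) || (s in fwd)) print
    }'
}

printf 'Forwarded (proto port dest):\n'
printf '%s\n' "$SAMPLE_RULES" | dnat_targets
printf 'FORWARD rules open on every port:\n'
printf '%s\n' "$SAMPLE_RULES" | wide_forward_accepts
```

To audit a live ruleset, the same functions can be fed saved rule text in the `iptables -A ...` form used here.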