Hi,
A few questions from my side.
Have you configured the box as a router? If not, configure the host as a router; the following will help you to configure the host as a router.
1) If you have not enabled IP forwarding, enable it.
This will help you to enable NATing
http://www.howtoforge.com/nat_iptables
2) If you have not enabled NATing, enable NATing; the same URL will help you. (Before that, save the current config using iptables-save, i.e. iptables-save > /tmp/iptables-conf-date)
a) Then check the current config using
Code:
iptables -t nat -L -n --line-numbers # This will list the nat table entries with line numbers
b) Flush the current rules in the filter and nat table using -F
Code:
iptables -t filter -F
iptables -t nat -F
c) Then add forwarding and masquerade
Code:
iptables -t nat -I POSTROUTING 1 -o eth0 -j MASQUERADE # eth0 has the public IP and eth1 is on the private network
iptables -t filter -I FORWARD 1 -i eth1 -j ACCEPT
d) After that, enable logging in the PREROUTING table, so you will get a better idea about what is happening on the host
Code:
iptables -t nat -I PREROUTING 1 -j LOG --log-level 4
iptables -t nat -I PREROUTING 2 -p tcp -s <Your network> --dport 80 -j DNAT --to-destination 192.168.0.1:80 # You are giving access
iptables -t nat -I PREROUTING 3 -p tcp ! -s <Your network> --dport 80 -j DNAT --to-destination 192.168.0.2:80 # Remote host
PS: I hope the default policy of all chains is ACCEPT.
--
Thanks,
Bijo
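
A read-only check for the setup described in the post above, as an added example that is not part of the original post: it parses iptables-save output (the backup the post recommends taking) and reports whether the MASQUERADE and FORWARD rules from step c) are present. The function name audit_ruleset and both sample dumps are constructed for illustration.

```shell
# Added example: audit an iptables-save dump for the router rules from step c).
# It only parses text, so it needs no root and changes no rules.
# Usage: audit_ruleset WAN_IF LAN_IF < dump   (prints findings, or "OK")
audit_ruleset() {
    awk -v wan="$1" -v lan="$2" '
        /^\*/ { table = substr($0, 2); next }       # table header, e.g. *nat
        /^:/  {                                     # chain policy line
            if (table == "filter" && $1 == ":FORWARD") fwd_policy = $2
            next
        }
        table == "nat" && $1 == "-A" && $2 == "POSTROUTING" &&
            $0 ~ ("-o " wan "( |$)") && $0 ~ /-j MASQUERADE/ { masq = 1 }
        table == "filter" && $1 == "-A" && $2 == "FORWARD" &&
            $0 ~ ("-i " lan "( |$)") && $0 ~ /-j ACCEPT/ { fwd = 1 }
        END {
            if (!masq) { print "MISSING: nat POSTROUTING -o " wan " -j MASQUERADE"; bad = 1 }
            # An ACCEPT policy on FORWARD also lets LAN traffic through.
            if (!fwd && fwd_policy != "ACCEPT") {
                print "MISSING: filter FORWARD -i " lan " -j ACCEPT (policy " fwd_policy ")"; bad = 1
            }
            if (!bad) print "OK"
        }'
}

# Constructed sample dumps (not taken from any real host).
sample_good() {
    cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -i eth1 -j ACCEPT
COMMIT
EOF
}

sample_bad() {
    cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
COMMIT
*filter
:FORWARD DROP [0:0]
COMMIT
EOF
}
```

On a live host the same function can be fed directly, for example `iptables-save | audit_ruleset eth0 eth1`, using the interface names from the post.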