[Gllug] missing something simple on iptables config
Ashley Evans
ashley at k2.com
Mon Apr 28 17:59:17 UTC 2008
Hi all,
I've got a couple of rules on a Linux box here at work. One works and
one doesn't. The rule that is fine is:
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 20:21 -j DNAT --to-destination 10.7.0.91
The one that doesn't is:
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 5001 -j DNAT --to-destination 192.168.67.1:3389
Input policy is set to allow all.
eth0:1 has the 10.7.0.0 range
eth0:2 has the 192.168.67.0 range
I can access the resource on 192.168.67.1 that I'm trying to access via
port forwarding behind my NAT if I try from the Linux router itself, but
from the outside world (an address on eth1) it hangs like the packets
are being dropped. If I remove the rule I get a direct connection
refused as expected.
Any thoughts on what I'm missing? I'm sure it's something silly and
I'll be embarrassed but it's getting late in the day and I'm tired :)
Thanks for any help.
Regards,
Ashley
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug