[Gllug] missing something simple on iptables config
Andy Millar
andy at andymillar.co.uk
Mon Apr 28 18:08:22 UTC 2008
Ashley,
What is your masquerade rule? (iptables -t nat -L)
Perhaps that isn't working for routing to 192.168.67.0?
Kind Regards,
Andy
---
Andy Millar
t: +44 (0) 845 862 0268
e: andy at andymillar.co.uk
-----Original Message-----
From: gllug-bounces at gllug.org.uk [mailto:gllug-bounces at gllug.org.uk] On
Behalf Of Ashley Evans
Sent: 28 April 2008 18:59
To: Greater London Linux User Group
Subject: [Gllug] missing something simple on iptables config
Hi all,
I've got a couple of rules on a linux box here at work. One works and
one doesn't. The rule that is fine is:
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 20:21 -j DNAT --to-destination 10.7.0.91
The one that doesn't is:
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 5001 -j DNAT --to-destination 192.168.67.1:3389
Input policy is set to allow all.
eth0:1 has the 10.7.0.0 range
eth0:2 has the 192.168.67.0 range
I can access the resource on 192.168.67.1 that I'm trying to access via
portforwarding behind my NAT if I try from the linux router itself, but
from the outside world (and address on eth1) it hangs like the packets
are being dropped. If I remove the rule I get a direct connection
refused as expected.
Any thoughts on what I'm missing? I'm sure it's something silly and
I'll be embarrassed but it's getting late in the day and I'm tired :)
Thanks for any help.
Regards,
Ashley
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
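An added example, not part of the original thread: one way to read the nat table Andy asks for, assuming it was captured in iptables-save format. It reports which POSTROUTING MASQUERADE/SNAT rules would match traffic forwarded to each DNAT target; the function names and the MASQUERADE rule in the sample are constructed for illustration.

```python
import ipaddress
import shlex

# Constructed sample in iptables-save format: the two DNAT rules from the
# post plus a hypothetical MASQUERADE rule limited to the 10.7.0.0/24 range.
SAMPLE_NAT_TABLE = """\
*nat
-A PREROUTING -i eth1 -p tcp -m tcp --dport 20:21 -j DNAT --to-destination 10.7.0.91
-A PREROUTING -i eth1 -p tcp -m tcp --dport 5001 -j DNAT --to-destination 192.168.67.1:3389
-A POSTROUTING -d 10.7.0.0/24 -o eth0 -j MASQUERADE
COMMIT
"""

def parse_rules(text):
    """Yield (chain, options) per '-A' line. Negated ('!') matches are not handled."""
    for line in text.splitlines():
        tokens = shlex.split(line)
        if len(tokens) < 2 or tokens[0] != "-A":
            continue  # table names, chain policies, COMMIT, comments
        rest, opts, i = tokens[2:], {}, 0
        while i < len(rest):
            has_value = i + 1 < len(rest) and not rest[i + 1].startswith("-")
            opts[rest[i]] = rest[i + 1] if has_value else ""
            i += 2 if has_value else 1
        yield tokens[1], opts

def source_nat_coverage(text):
    """Map each DNAT target IP to the POSTROUTING SNAT/MASQUERADE rules
    whose -d match (or lack of one) includes that address."""
    rules = list(parse_rules(text))
    snat = [o for chain, o in rules
            if chain == "POSTROUTING" and o.get("-j") in ("MASQUERADE", "SNAT")]
    coverage = {}
    for chain, o in rules:
        if chain != "PREROUTING" or o.get("-j") != "DNAT":
            continue
        # Assumes a single IPv4 target, optionally followed by :port.
        target = o["--to-destination"].split(":")[0]
        addr = ipaddress.ip_address(target)
        coverage[target] = [
            r for r in snat
            if addr in ipaddress.ip_network(r.get("-d", "0.0.0.0/0"), strict=False)
        ]
    return coverage

if __name__ == "__main__":
    for target, matches in source_nat_coverage(SAMPLE_NAT_TABLE).items():
        print(target, "source NAT rules matching:", len(matches))
```

Only the -d match is compared here; -s and -o restrictions on the POSTROUTING rules still need to be read by eye.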