[Wolves] IP Tables

Adam Sweet drinky76 at yahoo.com
Tue Dec 20 11:30:10 GMT 2005


I have a machine only available on a 192.168 address
at work and I need to be able to access https from
outside the internal network. So I decided to use
another machine with an outside address and use port
forwarding.

With my primitive IP Tables knowledge, I thought the
following would be enough in /etc/sysconfig/iptables
(it's a Fedora box):

*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [20:1420]
:OUTPUT ACCEPT [105:6517]
-A PREROUTING -p tcp -i eth0 --sport 443 -j DNAT --to 192.168.10.31: 443
-A POSTROUTING -s 192.168.10.0/255.255.255.0 -j MASQUERADE
COMMIT

The -A PREROUTING line is mine, everything else was
already there. Restart IP Tables and I still see the
page on the machine that should be forwarding. I will
narrow down who can access it later, our perimeter
firewall already does that for now.

Can anyone tell me what's going wrong? I followed
http://www.netfilter.org/documentation/HOWTO/NAT-HOWTO.html
if that helps.

Hopeful...

Ad

-- 

http://www.drinky.org.uk

http://blog.drinky.org.uk
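
Added example, not part of the original post: a small shell linter run over the nat table quoted above, with the wrapped lines re-joined. It flags a PREROUTING DNAT rule that matches only on source port (a client connecting in from outside addresses the service port as its destination) and a --to target broken by whitespace. The names lint_dnat, SAMPLE_RULES and FIXED_RULES are hypothetical.

```shell
#!/bin/sh
# Constructed sample: the nat table from the post, wrapped lines re-joined.
SAMPLE_RULES='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [20:1420]
:OUTPUT ACCEPT [105:6517]
-A PREROUTING -p tcp -i eth0 --sport 443 -j DNAT --to 192.168.10.31: 443
-A POSTROUTING -s 192.168.10.0/255.255.255.0 -j MASQUERADE
COMMIT'

# Constructed sample: a form of the same rule that the linter accepts.
FIXED_RULES='*nat
-A PREROUTING -p tcp -i eth0 --dport 443 -j DNAT --to-destination 192.168.10.31:443
COMMIT'

# lint_dnat: read iptables-save style rules on stdin and print one finding
# per line, prefixed with the line number of the offending rule.
lint_dnat() {
    awk '
    /^-A PREROUTING/ && /-j DNAT/ {
        has_dport = 0; has_sport = 0; target = ""; extra = ""
        for (i = 1; i <= NF; i++) {
            if ($i == "--dport" || $i == "--destination-port") has_dport = 1
            if ($i == "--sport" || $i == "--source-port") has_sport = 1
            if ($i == "--to" || $i == "--to-destination") {
                target = $(i + 1)   # word after the option
                extra = $(i + 2)    # non-empty, non-option word means a split target
            }
        }
        # Inbound connections to a service carry its port as DESTINATION port.
        if (has_sport && !has_dport)
            print "line " NR ": matches source port only; match --dport for an inbound service"
        # address:port must be a single word for the rule to parse as intended.
        if (target ~ /:$/ || (extra != "" && extra !~ /^-/))
            print "line " NR ": --to target \"" target " " extra "\" is split by whitespace"
    }'
}

# Stand-alone run over the sample from the post.
printf '%s\n' "$SAMPLE_RULES" | lint_dnat
```
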

