[ale] Portforwarding

Robert L. Harris Robert.L.Harris at rdlg.net
Mon Nov 5 13:09:38 EST 2001 



I've got pretty much everything compiled in.  I this though and it loaded 3 
modules.  Restarted the script, same problem.

What do you have compiled into the kernel?  I may need to add something I
missed.

Robert

Thus spake James P. Kinney III (jkinney at localnetsolutions.com):

> You don't have the module loaded that handle per port traffic. I think
> it is ipt_tos. Run the following: (I load 'em all!)
> /sbin/modprobe ipt_mac
> /sbin/modprobe ipt_limit
> /sbin/modprobe ipt_tos 
> /sbin/modprobe ipt_mark
> /sbin/modprobe ipt_LOG
> /sbin/modprobe ipt_MARK
> /sbin/modprobe ipt_TOS
> /sbin/modprobe ipt_owner
> /sbin/modprobe ipt_state
> /sbin/modprobe ipt_unclean
> 
> and then reload your firewall script.
> 
> On Mon, 2001-11-05 at 12:55, Robert L. Harris wrote:
> > 
> > OK,
> >   According to the man page, these lines should be fine:
> > 
> >   $IPTABLES -t nat -A PREROUTING -s ! 192.168.0.0/24 -d 67.165.192.199 --dport 80 -j DNAT --to-destination 192.168.0.2
> >   $IPTABLES -A FORWARD -i eth0 -o eth1 -s ! 192.168.0.1 -d 192.168.0.2 --dport 80 -j ACCEPT
> >   $IPTABLES -A FORWARD -i eth1 -o eth0 -s 192.168.0.2 --sport 80 -d ! 192.168.0.0/24 -m state --state ESTABLISHED,RELATED -j ACCEPT
> > 
> > but when I run my NAT script I get this:
> > 
> > iptables v1.2.3: Unknown arg `--dport'
> > Try `iptables -h' or 'iptables --help' for more information.
> > iptables v1.2.3: Unknown arg `--sport'
> > Try `iptables -h' or 'iptables --help' for more information.
> > 
> > The manpage shows --destination-port and --dport.  Tried them both,
> > same error.
> > 
> > 
> > 
> > 
> > 
> > 
> > :wq!
> > ---------------------------------------------------------------------------
> > Robert L. Harris                |  Micros~1 :  
> > Senior System Engineer          |    For when quality, reliability 
> >   at RnD Consulting             |      and security just aren't
> >                                 \_       that important!
> > DISCLAIMER:
> >       These are MY OPINIONS ALONE.  I speak for no-one else.
> > FYI:
> >  perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
> > 
> > 
> > ---
> > This message has been sent through the ALE general discussion list.
> > See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
> > sent to listmaster at ale dot org.
> > 
> -- 
> James P. Kinney III   \Changing the mobile computing world/
> President and COO      \          one Linux user         /
> Local Net Solutions,LLC \           at a time.          /
> 770-493-8244             \.___________________________./
> 
> GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
> <jkinney at localnetsolutions.com>
> Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 
> 



:wq!
---------------------------------------------------------------------------
Robert L. Harris                |  Micros~1 :  
Senior System Engineer          |    For when quality, reliability 
  at RnD Consulting             |      and security just aren't
                                \_       that important!
DISCLAIMER:
      These are MY OPINIONS ALONE.  I speak for no-one else.
FYI:
 perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

More information about the Ale mailing list