[ale] port forwarding help

Michael D. Hirsch mhirsch at nubridges.com
Fri Apr 4 09:28:03 EST 2003 

On Friday 04 April 2003 06:12 am, Joe wrote:
> You might have already checked on this, but here is a suggestion.  Are
> you accepting those packets in your INPUT chain?

Well, first, I reset all firewalling for testing purposes, so everything 
gets accepted.  But second, do I really need to?  If I'm forwarding the 
packet in the PREROUTING table, do I ever have to accept it?  I thought 
you only accept packets that you will deal with locally.

Thanks,

Michael

>
>
> Joe-
>
> ----- Original Message -----
> From: "Chris Ricker" <kaboom at gatech.edu>
> To: <ale at ale.org>
> Sent: Thursday, April 03, 2003 2:42 PM
> Subject: Re: [ale] port forwarding help
>
> > On Thu, 3 Apr 2003, Michael D. Hirsch wrote:
> > > This seems simple, but I've been thumping my head against if for a
> > > while now.  All I want to do is forward anything to port xx to
> > > machine
>
> y.y.y.y.
>
> > > From reading docs it looks like all I need this:
> > >
> > > iptables -t nat -A PREROUTING -p tcp --dport xx -j DNAT --to
> > > y.y.y.y:xx
> >
> > that's fine
> >
> > > I have made sure that port forwarding is turned on.
> > >
> > > I test by telnetting to port xx on the forwarding box, but never get
> > > a connection.
> > >
> > > One other possible complication, do I need to worry that I have only
> > > 1
>
> nic
>
> > > card?  So on my test box all the traffic is really on one network. 
> > > In production, of course, I will use multiple network cards.
> >
> > bring up a virtual interface and forward it (rather than the IP you've
> > configured on the real interface)
> >
> > that still might not work, but it's more likely to ;-)
> >
> > later,
> > chris
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://www.ale.org/mailman/listinfo/ale
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale

_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale

More information about the Ale mailing list