DNAT problem

Michal Rysavy mrysavy na trask.cz
Čtvrtek Červenec 19 10:44:42 CEST 2001


Potreboval bych presmerovat prichozi pozadavky z firewallu portu 80 na
vnitrni pocitac port 8888 pomoci iptables (kernel 2.4.3).
Mnou vytvorena konfigurace mi nefunguje - na http server se vubec nedostane.
Co delam spatne ?

S pozdravem Michal Rysavy

Pouzivam nasledujici: (xxx.xxx.xxx.xxx je vnejsi adresa firewallu a
125.1.1.1 je pocitac s http serverem)

# Generated by iptables-save v1.2.1 on Fri Jul 13 20:11:50 2001
*mangle
:PREROUTING ACCEPT [784:211528]
:OUTPUT ACCEPT [329:118091]
COMMIT
# Completed on Fri Jul 13 20:11:50 2001
# Generated by iptables-save v1.2.1 on Fri Jul 13 20:11:50 2001
*filter
:INPUT ACCEPT [602:199728]
:FORWARD ACCEPT [364:107431]
:OUTPUT ACCEPT [377:122415]
COMMIT
# Completed on Fri Jul 13 20:11:50 2001
# Generated by iptables-save v1.2.1 on Fri Jul 13 20:11:50 2001
*nat
:PREROUTING ACCEPT [412:51333]
:POSTROUTING ACCEPT [69:5381]
:OUTPUT ACCEPT [66:5229]
-A PREROUTING -d xxx.xxx.xxx.xxx -i eth0 -p tcp -m tcp --dport 80 -j
DNAT --to-destination 125.1.1.1:8888
-A POSTROUTING -s 125.1.1.0/255.255.255.0 -j MASQUERADE
COMMIT
# Completed on Fri Jul 13 20:11:50 2001





Další informace o konferenci Linux