From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Rodrigo Leme de Mello" Subject: Re: Doubt about DNAT Date: Tue, 10 Sep 2002 18:19:04 -0300 Sender: netfilter-admin@lists.netfilter.org Message-ID: <029501c2590f$b10bfe90$0100a8c0@desktop> References: Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0291_01C258F6.8B5A8680" Return-path: Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: To: stewart.thompson@shaw.ca, netfilter@lists.samba.org This is a multi-part message in MIME format. ------=_NextPart_000_0291_01C258F6.8B5A8680 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Hi Stewart, Yeap! I have and my SQL Server is set with the default configuration, that put it to listen on 1433. I've also did a port scan to check if the port is open and it is. Thanks for youe help Rodrigo ----- Original Message ----- From: Stewart Thompson To: Rodrigo Leme de Mello ; netfilter@lists.samba.org Sent: Tuesday, September 10, 2002 5:27 PM Subject: RE: Doubt about DNAT Hi Rodrigo: Do you have a Forward rule to match the Prerouting rule? Is your SQL server on the Internal Net expecting connections on Port 1433? Stu... -----Original Message----- From: netfilter-admin@lists.netfilter.org [mailto:netfilter-admin@lists.netfilter.org]On Behalf Of Rodrigo Leme de Mello Sent: September 10, 2002 7:17 AM To: netfilter@lists.samba.org Subject: Doubt about DNAT Hi all, I am in trouble to do a rule. Anybody can help me? I want to redirect all traffic from a specific valid ip and specific destination port to a machine located inside a LAN. This rule is to access SQL Server that is located inside a LAN and i have a valid ip address in a linux machine with iptables. I've tried the following: Lan IP with SQL Server: 192.168.0.10 Valid IP with iptables: 200.221.98.123 Valid IP that will acess SQL Server. 200.206.123.112 This rule i've put in the machine 200.221.98.123 iptables -t nat -A PREROUTING -p tcp -s 200.206.123.112 --dport 1433 -j DNAT --to 192.168.0.10 And now i configure my SQL Server to connect to 200.221.98.123 but i still can't connect. Dou you have any idea why it is not working? The ip's i've mentioned are just for example. Thanks a lot Rodrigo ------=_NextPart_000_0291_01C258F6.8B5A8680 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
Hi Stewart,
 
Yeap! I have and my SQL Server is set = with the=20 default configuration, that put it to listen on 1433.
I've also did a port scan to check if = the port is=20 open and it is.
 
Thanks for youe help
 
Rodrigo
 
----- Original Message -----=20
From: Stewart=20 Thompson
To: Rodrigo Leme de Mello ; netfilter@lists.samba.org =
Sent: Tuesday, September 10, 2002 5:27 PM
Subject: RE: Doubt about DNAT

Hi=20 Rodrigo:

 

           =20 Do you have a Forward rule to match the Prerouting=20 rule?

Is your=20 SQL server on the Internal Net expecting connections=20 on

Port=20 1433?

 

Stu=85=85=85

 

 

-----Original=20 Message-----
From: netfilter-admin@lists= .netfilter.org=20 [mailto:netfilter-admin@lists.netfilter.org]On Behalf Of Rodrigo Leme de=20 Mello
Sent: September = 10, 2002=20 7:17 AM
To: netfilter@lists.samba.orgSubject: Doubt about = DNAT

 

Hi=20 all,

 

I am in=20 trouble to do a rule. Anybody can help me?

 

I want=20 to redirect all traffic from a specific valid ip and specific = destination port=20 to a machine located inside a LAN.

 

This=20 rule is to access SQL Server that is located inside a LAN and i have a = valid ip=20 address in a linux machine with iptables.

 

I've=20 tried the following:

 

Lan IP=20 with SQL Server: 192.168.0.10

Valid=20 IP with iptables: 200.221.98.123

Valid=20 IP that will acess SQL Server. 200.206.123.112

 

This=20 rule i've put in the machine 200.221.98.123

 

iptables = -t nat -A=20 PREROUTING -p tcp -s 200.206.123.112 --dport 1433 -j DNAT --to=20 192.168.0.10

 

And now=20 i configure my SQL Server to connect to 200.221.98.123 but i still can't = connect. Dou you have any idea why it is not working?

 

The=20 ip's i've mentioned are just for example.

 

Thanks=20 a lot

 

Rodrigo

 

 

 

 

 

 

------=_NextPart_000_0291_01C258F6.8B5A8680--