Port forwarding error

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Metal Gear <finattack@gmail.com>
To: netfilter@lists.netfilter.org
Subject: Port forwarding error
Date: Tue, 1 Mar 2005 15:07:17 +0500	[thread overview]
Message-ID: <110c784405030102077fa30d3e@mail.gmail.com> (raw)

Hi all,

plz check the following diagram for pictorial details of my problem

http://www.antionline.com/attachment.php?s=&postid=824669

Squid (only one interface card)
I want to configure iptable rules on my squid machine such that if any
client connects on pop3, smtp, dns these request are redirected to
servers popserver, smtpserver and dnsserver. All three of these
servers are on untrusted network having public ips. My squid machine
and clients are on internal network and only squid machine can cross
the firewall to access the outerworld. I researched a lot but i m
unable to write a successful rule for that. I m posting my rules in
the end of the post. Currently i m using a port redirector (rinetd) in
place of that rules.

Thanks

(Your assistance will be greatly appreciated)

#!/bin/sh
iptables -F
iptables -A INPUT -p ALL -j ACCEPT
iptables -A PREROUTING -t nat -d squidip -p tcp --dport 110 -j DNAT
--to popserver
iptables -I PREROUTING -t nat -d squidip -p udp --dport 110 -j DNAT
--to popserver
iptables -A POSTROUTING -t nat -s popserver -p tcp --dport 110 -j SNAT
--to squidip
iptables -A POSTROUTING -t nat -s popserver -p udp --dport 110 -j SNAT
--to squdip
service iptables save
/etc/rc.d/init.d/iptables restart

next             reply	other threads:[~2005-03-01 10:07 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-03-01 10:07 Metal Gear [this message]
2005-03-01 11:15 ` Port forwarding error Jörg Harmuth
2005-03-01 17:45   ` Metal Gear
2005-03-02 11:07     ` Jörg Harmuth

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=110c784405030102077fa30d3e@mail.gmail.com \
    --to=finattack@gmail.com \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.