* Port Forwarding Need help
@ 2004-12-16 15:56 nitin mandolkar
2004-12-16 17:05 ` Samuel Jean
0 siblings, 1 reply; 2+ messages in thread
From: nitin mandolkar @ 2004-12-16 15:56 UTC (permalink / raw)
To: netfilter
Need Help in port forwaeding.
This is my set up.
DSL ROUTER (WAN IP : x.x.x.x | LAN IP 192.168.5.1)
|
|
|
Linux Machine (eth0: 192.168.0.2 eth1: 192.168.5.12)
|
|
|
Windows machine(eth1: 192.168.5.4)(IIS is running on
this machine on port 80)
From router i am forwarding the request to linux
machine to port 80.
any one from out site they are able to see a test
pages on linux
machine.
i want to forward any request coming on port 80 on linux
machine to
windows machine on port 80.
/sbin/iptables -A PREROUTING -t nat -p tcp -s 192.168.5.1 -d
192.168.5.12 --dport 80 -j DNAT --to-destination 192.168.5.4:80
I Use above iptables entry but it is not working.
Nitin mandolkar.
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Port Forwarding Need help
2004-12-16 15:56 Port Forwarding Need help nitin mandolkar
@ 2004-12-16 17:05 ` Samuel Jean
0 siblings, 0 replies; 2+ messages in thread
From: Samuel Jean @ 2004-12-16 17:05 UTC (permalink / raw)
To: nitin mandolkar; +Cc: netfilter
On Thu, December 16, 2004 10:56 am, nitin mandolkar said:
> Need Help in port forwaeding.
>
> This is my set up.
>
> DSL ROUTER (WAN IP : x.x.x.x | LAN IP 192.168.5.1)
>
> |
> |
> |
> Linux Machine (eth0: 192.168.0.2 eth1: 192.168.5.12)
> |
> |
> |
> Windows machine(eth1: 192.168.5.4)(IIS is running on
> this machine on port 80)
Your setup is not clear and is most likely to be wrong.
Are you able to ping linux machine from the windows one?
What the eth0 binding on linux box is for?
Are three nodes belonging to the same ethernet segment ?
>
> From router i am forwarding the request to linux
> machine to port 80.
> any one from out site they are able to see a test
> pages on linux
> machine.
>
> i want to forward any request coming on port 80 on linux
> machine to
> windows machine on port 80.
If all three nodes are belonging to the same segment, I don't see why
you DNAT to the linux box instead of the Windows one.
>
>
> /sbin/iptables -A PREROUTING -t nat -p tcp -s 192.168.5.1 -d
> 192.168.5.12 --dport 80 -j DNAT --to-destination 192.168.5.4:80
Unless you are SNATing forwarded requests (which I doubt) coming from
the Internet to look like coming from your DSL router, the above
rule would fail.
i.e. -s 192.168.5.1 specifies to match packets with this source address.
What you need is something along those lines :
# Change destination for Internet inbound connections on dest TCP 80
iptables -t nat -A PREROUTING -p tcp -d 192.168.5.12 --dport 80 -j DNAT
--to 192.168.5.4
# Accept FORWARDed packets
iptables -A FORWARD -p tcp -d 192.168.5.4 --dport 80 -j ACCEPT
I also assume you are not filtering in POSTROUTING.
>
> I Use above iptables entry but it is not working.
>
Maybe you need to re-think about your setup and why you are doing it
that way. In such a case, if everything goes wrong, resend your new setup
schema (this time a bit more clear).
> Nitin mandolkar.
>
>
HTH,
Samuel
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2004-12-16 17:05 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-12-16 15:56 Port Forwarding Need help nitin mandolkar
2004-12-16 17:05 ` Samuel Jean
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.