From: Mike McLean <libolt@libolt.net>
To: netfilter@lists.netfilter.org
Subject: Continuing Tribes 2 problems with NAT
Date: Fri, 21 Nov 2003 12:42:05 -0700 [thread overview]
Message-ID: <200311211242.05614.libolt@libolt.net> (raw)
Hi,
I have a tribes 2 server behind an iptables NAT system. I have forwared the
ports for Tribes 2 to the server. It connects to the master server and show
sup in the servers list. However it shows up with it's internal IP address,
not the public IP the network connects to the internet with. This seems to
cause problems for those outside the lan trying to connect to the server.
Below I have listed my iptables rules set. Any help is appreciated:
iptables -F
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
iptables -F -t mangle
iptables -F -t nat
iptables -X
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 37373 -j DNAT --to
192.168.0.1:37373
# Tribes 2 ports forwarded
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 27999 -j DNAT --to
192.168.0.7:27999
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 28000 -j DNAT --to
192.168.0.7:28000
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 28000 -j DNAT --to
192.168.0.7:28000
iptables -A FORWARD -i eth0 -o eth1 -p udp -d 192.168.0.7 --dport 28000 -j
ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -p tcp -d 192.168.0.7 --dport 28000 -j
ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 28001 -j DNAT --to
192.168.0.7:28001
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 28001 -j DNAT --to
192.168.0.7:28001
iptables -A FORWARD -i eth0 -o eth1 -p udp -d 192.168.0.7 --dport 28001 -j
ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -p tcp -d 192.168.0.7 --dport 28001 -j
ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 28001:29000 -j DNAT --to
192.168.0.7:28001-
29000
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 15101 -j DNAT --to
192.168.0.7:15101
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 15104 -j DNAT --to
192.168.0.7:15104
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 15024 -j DNAT --to
192.168.0.7:15024
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 15206 -j DNAT --to
192.168.0.7:15206
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 15800 -j DNAT --to
192.168.0.7:15800
echo 1 > /proc/sys/net/ipv4/ip_forward
Mike
reply other threads:[~2003-11-21 19:42 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200311211242.05614.libolt@libolt.net \
--to=libolt@libolt.net \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.