From: Henrik Martin <henrik@netgate.net>
To: netfilter@lists.netfilter.org
Subject: Re: Yet another local nat/port redirecting question
Date: Thu, 26 Apr 2007 11:49:14 -0700 [thread overview]
Message-ID: <200704261149.15667.henrik@netgate.net> (raw)
In-Reply-To: <46307AA2.5080007@freemail.hu>
On Thursday 26 April 2007 03:10, Gáspár Lajos wrote:
> As Martijn wrote: the problem could be that you run the web server
> binded to a specific IP.
>
> What is the ouput of this? :
>
> netstat -a -n | grep 8080
>
>
> Swifty
As I mentioned in the follow-up posting, I've tried forwarding to
ports that are bound to 0.0.0.0, 127.0.0.1, the 192.168.x.x address,
etc. There's absolutely no difference in behavior, it all fails with
the same symptoms. Here's netstat's output:
cobra:/home/basil # netstat -ant
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:3306 127.0.0.1:24451
ESTABLISHED
tcp 0 0 :::225 :::* LISTEN
tcp 0 0 127.0.0.1:8005 :::* LISTEN
tcp 0 0 :::8009 :::* LISTEN
tcp 0 0 :::8080 :::* LISTEN
tcp 0 0 ::1:25 :::* LISTEN
tcp 0 0 ::1:6010 :::* LISTEN
tcp 0 0 :::8443 :::* LISTEN
I've tried forwarding port 80 to basically every one of these ports
and then attempted a telnet connection to that port. If I do it from
the "outside", the connection just hangs like the port is being
filtered. If I do a "telnet localhost 8080" I get:
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
Trying ::1...
telnet: connect to address ::1: Connection refused
According to the iptables man page, locally generated packets are
mapped to the 127.0.0.1 address, so this should work I'd think.
There's got to be other people running OpenSuSE 10.X out there that
are trying to do the same thing. Does anyone have a success story for
port forwarding on that platform? I've scoured the SuSE blogs and
support sites, but haven't really found anything. And Novell makes you
go through hoops just to sign up so you can post things to their
forums :-(
Thanks,
/Henrik
prev parent reply other threads:[~2007-04-26 18:49 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-04-25 0:01 Yet another local nat/port redirecting question Henrik Martin
2007-04-25 5:50 ` Martijn Lievaart
2007-04-25 7:07 ` Henrik Martin
2007-04-26 10:10 ` Gáspár Lajos
2007-04-26 18:49 ` Henrik Martin [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200704261149.15667.henrik@netgate.net \
--to=henrik@netgate.net \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.