From: Jeff Largent <jlargent@imagelinks.com>
To: Scott Taylor <scott@dctchambers.com>
Cc: Sasa Ugrenovic <borg@linuks.org>, linux-admin@vger.kernel.org
Subject: Re: Port forwarding how ??
Date: Wed, 15 Jan 2003 12:10:28 -0500 [thread overview]
Message-ID: <3E259604.2080108@imagelinks.com> (raw)
In-Reply-To: <5.1.1.6.0.20030115070044.01ca9b50@mustang>
You also need a POSTROUTING for the return.
iptables -A POSTROUTING -t nat -p tcp -s 192.168.0.14 --sport 3306 -j SNAT
--to-source <ip of host doing the original port forward>
If you don't have this the forwarding host will gladly forward the message
with the 192.168.0.14 ip, that you have no way of directly contacting.
Jeff
Scott Taylor wrote:
> Please make your replies to the list.
>
> At 04:15 PM 1/14/03, you wrote:
>
>> Ok,
>> And what about this ?
>> ( I read this on that link you provided to me )
>>
>> iptables -A FORWARD -p tcp --dport 3306 -j ACCEPT
>> iptables -A PREROUTING -t nat -p tcp --dport 3306 -j DNAT --to
>> 192.168.0.14:3306
>>
>> When i try to connect on server where i entered rules i writed above, I
>> get the following:
>>
>> [root@gatekeeper root]# telnet 192.168.0.13 3306
>> Trying 192.168.0.13...
>>
>> [root@gatekeeper root]#
>>
>> 192.168.0.13 = server where i entered the iptables ... which i need to
>> redirect me to 192.168.0.14
>> 192.168.0.14 = server running mysql ( port 3306 ).
>>
>>
>> On Wed, 2003-01-15 at 00:44, Scott Taylor wrote:
>> > At 03:16 PM 1/14/03, you wrote:
>> > >Anyone configured port forwarding that worked ?
>> >
>> > Yes.
>> >
>> >
>> > >I was reading lot's of howto documents, but i was unable to configure
>> > >that thing.
>> > >
>> > >
>> > >iptables -t nat -A PREROUTING -i $OUTSIDE -p tcp --dport 3306 -j DNAT
>> > >--to 192.168.0.14
>> > >
>> > >This is how i configured it .. but it doesn't work .. anyone have any
>> > >idea or something .. ?
>> >
>> > That alone is not going to do a lot for you.
>> >
>> > Here is a HowTo that should help:
>> > http://tldp.org/HOWTO/IP-Masquerade-HOWTO/index.html
>> >
>> > Then snoop around David's site and read the TrinityOS docs:
>> > http://www.ecst.csuchico.edu/~dranch/LINUX/index-linux.html
>> >
>> > -
>> > To unsubscribe from this list: send the line "unsubscribe
>> linux-admin" in
>> > the body of a message to majordomo@vger.kernel.org
>> > More majordomo info at http://vger.kernel.org/majordomo-info.html
>> >
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-admin" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
>
--
Jeff Largent ImageLinks, Inc.
Sr System Admin Melbourne, Fl 32935
(321) 253-0011 fax:(321) 253-5559
next prev parent reply other threads:[~2003-01-15 17:10 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-01-14 23:16 Port forwarding how ?? Sasa Ugrenovic
2003-01-14 23:44 ` Scott Taylor
[not found] ` <1042589738.28248.16.camel@marvin.bl.gozostudios.com>
2003-01-15 15:01 ` Scott Taylor
2003-01-15 17:10 ` Jeff Largent [this message]
2003-01-15 15:04 ` Scott Taylor
2003-01-15 17:06 ` Sasa Ugrenovic
2003-01-15 17:41 ` Jeff Largent
2003-01-15 18:24 ` Sasa Ugrenovic
2003-01-15 20:09 ` urgrue
2003-01-15 20:37 ` Sasa Ugrenovic
2003-01-15 20:58 ` urgrue
2003-01-15 21:15 ` Sasa Ugrenovic
2003-01-15 21:07 ` Scott Taylor
2003-01-15 17:16 ` Jeff Largent
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3E259604.2080108@imagelinks.com \
--to=jlargent@imagelinks.com \
--cc=borg@linuks.org \
--cc=linux-admin@vger.kernel.org \
--cc=scott@dctchambers.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.