simple port forwarding question

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Rohit Kumar Mehta <rohitm@engr.uconn.edu>
To: netfilter@lists.netfilter.org
Subject: simple port forwarding question
Date: Mon, 03 Nov 2003 08:58:53 -0500	[thread overview]
Message-ID: <3FA65F1D.20205@engr.uconn.edu> (raw)

Hi guys, I was wondering if someone could help me out here.  I am fairly 
well confused after trying to muddle through
this tutorial:
http://iptables-tutorial.frozentux.net/iptables-tutorial.html

I think what I want to do should be easy.  Perhaps someone could help.

We are trying to trick the systems into believing that the Kerberos 5 
server is on IP#2 (let's call it 192.168.28.3)
but it is in fact on IP#1 (192.168.28.2).

Maybe my attempted iptables commands will make it blatantly obvious what 
I am trying to do:

iptables -t nat -A PREROUTING --dst 192.168.28.3 -p tcp --dport 88 -j 
DNAT --to 192.168.28.2
iptables -t nat -A PREROUTING --dst 192.168.28.3 -p udp --dport 88 -j 
DNAT --to 192.168.28.2

iptables -t nat -A POSTROUTING -p udp --dst 192.168.28.2 --dport 88 -j 
SNAT --to-source 192.168.28.3
iptables -t nat -A POSTROUTING -p tcp --dst 192.168.28.2 --dport 88 -j 
SNAT --to-source 192.168.28.3

iptables -t nat -A OUTPUT --dst 192.168.28.3 -p tcp --dport 88 -j DNAT 
--to-destination 192.168.28.2
iptables -t nat -A OUTPUT --dst 192.168.28.3 -p udp --dport 88 -j DNAT 
--to-destination 192.168.28.2

Basically we want it so that if I do a "telnet 192.168.28.3 88", I get a 
connection to "192.168.28.2:88"
This works - when I initiate the connection from 192.168.28.3, but from 
any other machine on the network
it does not work.

Am I doing something wrong or forgetting a key step?  Thanks!

Rohit

next             reply	other threads:[~2003-11-03 13:58 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-11-03 13:58 Rohit Kumar Mehta [this message]
2003-11-03 11:57 ` simple port forwarding question Herman
2003-11-03 14:07 ` SBlaze
2003-11-03 14:12   ` Rohit Kumar Mehta
  -- strict thread matches above, loose matches on Subject: below --
2003-11-03 18:04 Han, Yan

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3FA65F1D.20205@engr.uconn.edu \
    --to=rohitm@engr.uconn.edu \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.