All of lore.kernel.org
 help / color / mirror / Atom feed
From: Francesco Ciocchetti <primero@fastwebnet.it>
To: Morales Carlos <cmmorales@mail.com>
Cc: netfilter@lists.netfilter.org
Subject: Re: Doubt about forwarding. Please, Help me!
Date: Thu, 14 Jul 2005 20:46:51 +0200	[thread overview]
Message-ID: <42D6B31B.9010902@fastwebnet.it> (raw)
In-Reply-To: <20050714184051.CE18E6F027@ws1-5.us4.outblaze.com>

Morales Carlos wrote:

>Hello. I have a firewall blocking all the traffic from the Internet to my local network, but I need to let an external host (extHOST) to access the port 8888 (for example) of an internal host (intHOST). Is this correct? The external lan adapter is eth1.
>
> /sbin/iptables -t nat -A PORTFW -p tcp -i eth1 -s extHOST --dport 8888 -j DNAT --to-destination intHOST:8888
>
>Thaks, please email me to cmmorales@mail.com 
>Carlos
>
>
>
>
>  
>
As long as in PREROUTING Chain of nat table there is a JUMP to PORTFW it
is ok.

What you need is to have a DNAT in nat table PREROUTING chain , and a
rule to allow traffic to the DNATTED dst port 8888 in the filter table
FORWARD chain.

Bye
Francesco


  reply	other threads:[~2005-07-14 18:46 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-07-14 18:40 Doubt about forwarding. Please, Help me! Morales Carlos
2005-07-14 18:46 ` Francesco Ciocchetti [this message]
2005-07-14 19:50 ` Sergio Basurto Juarez
  -- strict thread matches above, loose matches on Subject: below --
2005-07-14 19:11 Morales Carlos
2005-07-14 19:20 ` Glaucius Djalma Pereira Junior

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=42D6B31B.9010902@fastwebnet.it \
    --to=primero@fastwebnet.it \
    --cc=cmmorales@mail.com \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.