Re: http PREROUTING works but other ports do not

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Grant Taylor <gtaylor@riverviewtech.net>
To: Mail List - Netfilter <netfilter@vger.kernel.org>
Subject: Re: http PREROUTING works but other ports do not
Date: Wed, 12 Nov 2008 00:09:04 -0600	[thread overview]
Message-ID: <491A7300.5010200@riverviewtech.net> (raw)
In-Reply-To: <20081110194846.79984f14@zas.gateway.2wire.net>

On 11/10/2008 7:48 PM, mictlan tecutli wrote:
> i'm using iptables v1.2.3. i got a strange problem where i'm using 
> esentialy the same rules to forward  (PREROUTING) various ports in a 
> vserver setup with a single static ip (xxx.xxx.xxx). my vservers on on 
> the 10.10.10.0 network. with the configuration i've attached to this 
> mail, i can view the web pages hosted in 10.10.10.20, but can not reach 
> the ssh servers on the same host, nor those on other hosts. nor can i 
> reach icecast on port 8000. in the config i've included, you'll se i've 
> tried subtle variations on the distint hosts. none of the variations you 
> see there work.

I can't say for sure, but I do see a few things that are odd.
  - You are making reference to both ports 2220 and 2222.  Is one of 
them a typo?
  - I can't tell what your real destination IP is, xxx.xxx.xxx.0/24 
(your subnet) or xxx.xxx.xxx.9 (a specific host).  I'm going to think 
that it's .9 and refer back to the above point.
  - Will you please clarify what is your internal and external 
interface, eth0 verses what?
  - Do you have specific IPs in your network assigned / allocated to 
individual virtual servers?  Or are you doing everything based on port?

> i'd apreciate any help.

Think about and respond to the above.  I can't do much more with out 
some more information.



Grant. . . .

next prev parent reply	other threads:[~2008-11-12  6:09 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-11-11  1:48 http PREROUTING works but other ports do not mictlan tecutli
2008-11-12  6:09 ` Grant Taylor [this message]
2008-11-12 23:02   ` mictlan tecutli
2008-11-26 17:07     ` Grant Taylor

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=491A7300.5010200@riverviewtech.net \
    --to=gtaylor@riverviewtech.net \
    --cc=netfilter@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.