From: Carlos Mtz-Troncoso <cmartinez@uninorte.edu.co>
To: Pascal Hambourg <pascal.mail@plouf.fr.eu.org>
Cc: netfilter@vger.kernel.org
Subject: Re: Port forwarding problem
Date: Sat, 16 Oct 2010 09:01:32 -0500 [thread overview]
Message-ID: <4CB9B03C.2090107@uninorte.edu.co> (raw)
In-Reply-To: <4CB9AAB2.8070803@plouf.fr.eu.org>
Pascal you are right!
I just changed some -I for -A and moved
iptables -A FORWARD -j DROP
to the end and it works!
It was a fool error, I know that ACL order is crucial!
Thanks a lot for your help
On 10/16/2010 08:37 AM, Pascal Hambourg wrote:
> Carlos Mtz-Troncoso a écrit :
>> Thanks Pascal for your answer.
>>
>> I had that rule but I deleted, I just add again
>>
>> iptables -A FORWARD -p tcp -i eth0 -d 10.1.1.7 --dport 80 -j ACCEPT
>>
>> but it doesn't work.
>
> Maybe because of the rule ordering ? Your script weirdly mixes -I and -A
> commands, and has a "-I FORWARD -j DROP" rule which inserts a plain
> "DROP everything" at the very beginning of the chain. As a result, any
> rule created before or appended after this one has no effect.
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2010-10-16 14:01 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-10-16 12:53 Port forwarding problem Carlos Mtz-Troncoso
2010-10-16 13:13 ` Pascal Hambourg
2010-10-16 13:19 ` Carlos Mtz-Troncoso
2010-10-16 13:37 ` Pascal Hambourg
2010-10-16 14:01 ` Carlos Mtz-Troncoso [this message]
2010-10-16 18:19 ` Pascal Hambourg
-- strict thread matches above, loose matches on Subject: below --
2008-04-24 19:17 Port Forwarding Problem Ivan Hernandez
2008-04-25 19:49 ` Grant Taylor
2005-07-18 5:17 George Esperanza
2005-04-15 10:36 Julian Labuschagne
2005-04-15 10:34 Julian Labuschagne
2005-04-15 8:40 ` Samuel Díaz García
2005-04-15 11:23 ` Julian Labuschagne
2005-04-15 14:32 ` Taylor, Grant
2005-04-15 14:40 ` Jason Opperisano
2003-02-25 18:06 Tom Smith
2003-02-25 20:14 ` Willi Dyck
2003-02-25 21:53 ` Tom Smith
2003-02-26 3:20 ` Arnt Karlsen
[not found] ` <3E5C3DEE.70104@openadventures.org>
2003-02-26 14:07 ` Arnt Karlsen
[not found] <001601c2d1fa$669894e0$990da8c0@..153.service>
2003-02-11 19:11 ` Port forwarding problem DarKRaveR
2003-02-11 19:14 ` Rob Sterenborg
2003-02-11 18:21 Danila Octavian
2003-01-29 0:56 port " Ian McBeth
2003-01-28 8:14 oarojo
2003-01-29 1:21 ` Arnt Karlsen
2002-11-14 4:29 Port " Tom Elsesser
2002-11-24 20:40 ` Joel Newkirk
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4CB9B03C.2090107@uninorte.edu.co \
--to=cmartinez@uninorte.edu.co \
--cc=netfilter@vger.kernel.org \
--cc=pascal.mail@plouf.fr.eu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.