From mboxrd@z Thu Jan 1 00:00:00 1970 From: Arnt Karlsen Subject: Re: port forwarding problem Date: Wed, 29 Jan 2003 02:21:19 +0100 Sender: netfilter-admin@lists.netfilter.org Message-ID: <20030129022119.7cdcb112.arnt@c2i.net> References: <24307.192.168.0.1.1043741649.squirrel@mail.intermediacorp.com> Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <24307.192.168.0.1.1043741649.squirrel@mail.intermediacorp.com> Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: Content-Type: text/plain; charset="us-ascii" To: netfilter@lists.netfilter.org On Tue, 28 Jan 2003 16:14:09 +0800 (PHT), wrote in message <24307.192.168.0.1.1043741649.squirrel@mail.intermediacorp.com>: > hello guys!!! Can someone help me on my problem regarding iptables??? > > This has been my problem a month now.. I'm running a redhat 7.3 > firewall server with two NICs; eth0 facing the internal network > (192.168.0.x) and eth1 facing the internet (external network). Now I > wish to forward all traffic on eth1, port 25 to another to my mail > server (say, 192.168.0.2). I did something like: > > iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE > iptables -A FORWARD -p tcp --dport 25 -d 192.168.0.2 -j ACCEPT > iptables -A PREROUTING -t nat -p tcp --dport 25 -d x.x.x.x -j DNAT > --to 192.168.0.2 > > Now when i used to test SMTP connection thru telnetting from another > server... say: > > #telnet xxx.xxx.xxx.xxx 25 > > It just stucked in there doesn't continue... > > using nmap on my firewall: > > #nmap xxx.xxx.xxx.xxx -p 25 > > it says that port 25 is filtered... > > > Is there anything wrong with my iptable rules? I would really > appreciate if you can send me your help... thanks! ..a stab in the dark: 'cat /proc/sys/net/ipv4/ip_forward' says? -- ..med vennlig hilsen = with Kind Regards from Arnt... ;-) ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case.