From: Roderik van Heijst <roderik@digicit.nl>
To: netfilter@lists.netfilter.org
Subject: forwarding to an external ip
Date: Wed, 12 Jan 2005 18:09:26 +0100 [thread overview]
Message-ID: <20050112170926.GA4744@digicit.nl> (raw)
hi there,
i spent the whole day (which sucks btw :( ) trying to figure out how to
forward 62.131.95.133:4321 (phex) to 131.155.228.4:1111 (orion). Quickly said, after 6
hours (which is too long IMHO) i got it to work. However, phex was just
for testing and i want it to work on 80.69.73.147 (boron) so i figured - if i
copied the complete setup of iptables at phex to boron, it should do the same.
... Nopez. Honestly, I can't understand what's making the difference .. must be due to
different kernels, but this is user-space right .. should work the same?
I'm sorry if i sound frustrated, but i am.
iptables -F
iptables -t nat -F
iptables -t nat -A PREROUTING -p tcp -i ppp0 --dport 1111 -j DNAT --to
131.155.228.4
iptables -t nat -A POSTROUTING -p tcp --dport 1111 -j MASQUERADE
iptables -L
iptables -t nat -L
that's all i had to do on phex to get it working.
iptables -L, iptables -t nat -L and iptables -t mangle -L output exactly the same (phex & boron).
Now for the difference that i can spot which may have to do with this:
phex uses 2.4.20 whereas boron has 2.4.24. A subtle difference (at least that's what it
seems to me) is that phex preroutes things from ppp0 while boron should
do that from eth0, maybe that can be the problem? i don't see how, but
that doesn't surprise me anymore by now. I hope any of you can bravely
come up with some sort of answer that should push me into the right
direction of solving this .. well .. i don't know what it is. Aargh!
oh and happy newyear.
p.s. i'm not on this list, figured it's a little silly to subscribe for
one question, so please reply/cc/bcc to my address, which is
roderik@digicit.nl .. and many thanks in advance.
p.p.s. i noticed that
iptables -t nat -A PREROUTING -p tcp -i ppp0 --dport 1111 -j DNAT --to
:4444
does not do the same as
iptables -t nat -A PREROUTING -p tcp -i ppp0 --dport 1111 -j DNAT --to
127.0.0.1:4444
when that box is directly addressed, which is another mystery for me..
but that's probably how it should work.
next reply other threads:[~2005-01-12 17:09 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-01-12 17:09 Roderik van Heijst [this message]
2005-01-13 16:21 ` forwarding to an external ip Jason Opperisano
2005-01-13 16:22 ` Samuel Jean
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050112170926.GA4744@digicit.nl \
--to=roderik@digicit.nl \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox