From: Francesco Ciocchetti <primero@fastwebnet.it>
To: Morales Carlos <cmmorales@mail.com>
Cc: netfilter@lists.netfilter.org
Subject: Re: Doubt about forwarding. Please, Help me!
Date: Thu, 14 Jul 2005 20:46:51 +0200 [thread overview]
Message-ID: <42D6B31B.9010902@fastwebnet.it> (raw)
In-Reply-To: <20050714184051.CE18E6F027@ws1-5.us4.outblaze.com>
Morales Carlos wrote:
>Hello. I have a firewall blocking all the traffic from the Internet to my local network, but I need to let an external host (extHOST) to access the port 8888 (for example) of an internal host (intHOST). Is this correct? The external lan adapter is eth1.
>
> /sbin/iptables -t nat -A PORTFW -p tcp -i eth1 -s extHOST --dport 8888 -j DNAT --to-destination intHOST:8888
>
>Thaks, please email me to cmmorales@mail.com
>Carlos
>
>
>
>
>
>
As long as in PREROUTING Chain of nat table there is a JUMP to PORTFW it
is ok.
What you need is to have a DNAT in nat table PREROUTING chain , and a
rule to allow traffic to the DNATTED dst port 8888 in the filter table
FORWARD chain.
Bye
Francesco
next prev parent reply other threads:[~2005-07-14 18:46 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-07-14 18:40 Doubt about forwarding. Please, Help me! Morales Carlos
2005-07-14 18:46 ` Francesco Ciocchetti [this message]
2005-07-14 19:50 ` Sergio Basurto Juarez
-- strict thread matches above, loose matches on Subject: below --
2005-07-14 19:11 Morales Carlos
2005-07-14 19:20 ` Glaucius Djalma Pereira Junior
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=42D6B31B.9010902@fastwebnet.it \
--to=primero@fastwebnet.it \
--cc=cmmorales@mail.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox