From: "Gáspár Lajos" <swifty@freemail.hu>
To: netfilter@lists.netfilter.org, payal-iptables@scriptkitchen.com
Subject: Re: DNAT not working
Date: Thu, 19 Apr 2007 13:15:09 +0200 [thread overview]
Message-ID: <46274F3D.8040407@freemail.hu> (raw)
In-Reply-To: <20070419033123.GB22763@tranquility.scriptkitchen.com>
Payal Rathod írta:
> On Wed, Apr 18, 2007 at 07:34:32PM +0200, Martijn Lievaart wrote:
>
>> Payal Rathod wrote:
>>
>>>
...
>> Try -d 1.2.3.4 instead of -s.
>>
>
> But now it is timing out instead of connecting.
> The new ruleset is at,
>
> http://pastebin.ca/447539
>
> Can someone tell what might be wrong?
>
...
1. Your FORWARD policy is ACCEPT... You do not need the lines 14 and 15.
(AFAIK: If the target IP is on your computer then it fill not be
FORWARDed but will be sent to a LOCAL process.)
2. You did not wrote but I assume you have a dynamically assigned IP
connection. (Line 22.) If it is true then I would specify in this line
the output interface: "-A POSTROUTING -s 10.10.0.0/255.255.255.0 -o
???ppp+??? -j MASQUERADE"
3. Line 23: ???? Why do you DNAT an outgoing connection back to you ???
Maybe you do not need that line at all...
Hope that helps.
Swifty
next prev parent reply other threads:[~2007-04-19 11:15 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-04-18 16:26 DNAT not working Payal Rathod
2007-04-18 17:34 ` Martijn Lievaart
2007-04-19 3:31 ` Payal Rathod
2007-04-19 11:15 ` Gáspár Lajos [this message]
2007-04-19 17:18 ` Payal Rathod
-- strict thread matches above, loose matches on Subject: below --
2006-12-22 15:03 Balazs Fulop
2006-12-22 20:38 ` Grant Taylor
2006-12-22 21:14 ` Pascal Hambourg
2006-12-26 20:54 ` Balazs Fulop
2004-07-12 15:12 DNAT Not working Nicolas Ross
2004-07-12 15:59 ` Antony Stone
2004-07-12 16:13 ` Nicolas Ross
2004-07-12 16:33 ` Antony Stone
2004-03-18 20:26 DNAT not working Stuart Lamble
2004-03-18 20:49 ` John A. Sullivan III
2004-03-18 21:58 ` Antony Stone
2004-03-18 20:50 ` Antony Stone
2004-03-20 17:47 ` Stuart Lamble
[not found] <20031224052809.18657.42710.Mailman@netfilter-sponsored-by.noris.net>
2003-12-24 10:24 ` DNAT NOT WORKING madhav bhasin
2003-12-24 10:33 ` Antony Stone
2003-12-25 18:31 ` Thomas Scheffczyk
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=46274F3D.8040407@freemail.hu \
--to=swifty@freemail.hu \
--cc=netfilter@lists.netfilter.org \
--cc=payal-iptables@scriptkitchen.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox