[lug] problems with port forwarding to internal address

Calvin Dodge caldodge at fpcc.net
Mon May 13 13:56:23 MDT 2002


I'm trying to set up port forwarding for a client. He wants web requests to a specific IP address to be forwarded to an internal machine.

I have the following script:

/sbin/iptables -A FORWARD -p tcp --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A PREROUTING -t nat -i eth1 -o eth0 -p tcp --dport 80 -j DNAT --to 192.168.1.29:80
/sbin/iptables -A FORWARD -p tcp --dport 443 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A PREROUTING -t nat -i eth1 -o eth0 -p tcp --dport 443 -j DNAT --to 192.168.1.29:443

If I understand correctly, the above lines _should_ forward port 80 and 443 requests to 192.168.1.29, but they don't.
IP forwarding is enabled on this system (and it functions quite nicely as the typical IP masquerader).
I've tried different permutations of the above lines, but nothing I do seems to work (the internal site does work, BTW).

Is there something I'm missing here?

FWIW, this system runs Red Hat 7.2 with up-to-date patches.

Calvin 

-- 
Calvin Dodge
Certified Linux Bigot (tm)
http://www.caldodge.fpcc.net
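
The DNAT rules in the post match on `-o eth0` in the PREROUTING chain. iptables(8) documents `-o` as valid only in FORWARD, OUTPUT and POSTROUTING, since PREROUTING runs before the routing decision. A small lint for that constraint follows, as an added example that is not part of the original post; the function names `check_rule` and `lint_rules` are hypothetical, and the second sample rule is constructed:

```shell
#!/bin/sh
# Added example. Per iptables(8): -i is valid only in INPUT, FORWARD and
# PREROUTING; -o is valid only in FORWARD, OUTPUT and POSTROUTING.

# check_rule "<rule line>": print a verdict; return 1 if the rule is rejected.
check_rule() {
    chain="" has_in=0 has_out=0 prev=""
    for tok in $1; do
        case "$prev" in
            -A|-I|--append|--insert) chain="$tok" ;;
        esac
        case "$tok" in
            -i|--in-interface)  has_in=1 ;;
            -o|--out-interface) has_out=1 ;;
        esac
        prev="$tok"
    done
    case "$chain" in
        PREROUTING|INPUT)
            if [ "$has_out" -eq 1 ]; then
                echo "invalid: -o not allowed in $chain"; return 1
            fi ;;
        POSTROUTING|OUTPUT)
            if [ "$has_in" -eq 1 ]; then
                echo "invalid: -i not allowed in $chain"; return 1
            fi ;;
    esac
    echo "ok"
}

# lint_rules: read rule lines on stdin, print "<verdict> | <rule>" for each,
# and return the number of rejected rules.
lint_rules() {
    bad=0
    while IFS= read -r line; do
        [ -z "$line" ] && continue
        verdict=$(check_rule "$line") || bad=$((bad + 1))
        echo "$verdict | $line"
    done
    return "$bad"
}

# Sample input: the first DNAT rule from the post, then a constructed
# variant with the -o match dropped.
RULE_FROM_POST='/sbin/iptables -A PREROUTING -t nat -i eth1 -o eth0 -p tcp --dport 80 -j DNAT --to 192.168.1.29:80'
RULE_WITHOUT_O='/sbin/iptables -A PREROUTING -t nat -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.1.29:80'

printf '%s\n' "$RULE_FROM_POST" "$RULE_WITHOUT_O" | lint_rules || true
```

The lint covers only the chain/interface constraint; it does not check whether the rest of a ruleset accepts the forwarded traffic.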
