Port forwarding with iptables?
John Oliver
joliver at john-oliver.net
Mon Jun 24 11:37:24 PDT 2002
On Mon, Jun 24, 2002 at 11:19:38AM -0700, Amit Chakradeo wrote:
> How about
> iptables -t nat -nL ?
That works... :-)
> Doesn't your script flush the tables (I mean all tables including nat) ?
> (My script has these lines:
> iptables -F
> iptables -F -t nat
> iptables -X
I don't have a script. All I'm trying to do is forward one port.
Right now, I get:
[root at test root]# iptables -t nat -nL
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DNAT tcp -- 0.0.0.0/0 192.168.20.202 tcp dpt:80
to:216.120.50.199
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root at test root]# cat /proc/sys/net/ipv4/ip_forward
1
Theoretically, this should allow me to put 192.168.20.202 in my browser
and get redirected to the web server at 216.120.50.199 (this is just a
test, here... the actual source and destination I'm not sure of yet)
But it doesn't.
[root at mail root]# nmap -sT 192.168.20.202
Starting nmap V. 2.54BETA22 ( www.insecure.org/nmap/ )
Interesting ports on (192.168.20.202):
(The 1540 ports scanned but not shown below are in state: closed)
Port State Service
80/tcp filtered http
Nmap run completed -- 1 IP address (1 host up) scanned in 3 seconds
So it kinda sorta sees it, but...
--
John Oliver http://www.john-oliver.net/
joliver at john-oliver.net http://www.mrtg-monitoring.com/
More information about the KPLUG-List
mailing list