RE: DMZ-firewall
no, it did not work..
could there be some settings in /proc/ who denies portforwarding?
or maybee some problems with the 2.4.5 kernel?
anders
# -----Original Message-----
# From: Joe Ellis [mailto:joee@lithodyne.net]
# Sent: 6. desember 2001 20:50
# To: Anders Gjære
# Subject: Re: DMZ-firewall
#
#
# try:
# iptables -t nat -A PREROUTING -p tcp -d $EXTMAILIP --dport
# 110 -j DNAT
# --to-destination 192.168.10.10
#
#
# i don't think you need the :110 to tell it which port to
# goto. once the
# packet is routed to 192.168.10.10, it is up to that machine
# to do what
# it wants.
#
#
#
#
# Anders Gjære wrote:
#
# > hi.
# >
# > i have a firewall with 5 nic's
# >
# > it is firewalling some machines on 2 of the nic's, but now
# im setting up
# > a new mailserver and webserver.
# >
# > these should have local ip's, and here is where my problems starts.
# >
# > ive tried a lot of examples and read a lot of howtos, but
# with no luck.
# >
# > iptables -t nat -A PREROUTING -p tcp -d $EXTMAILIP --dport
# 110 -j DNAT
# > --to-destination 192.168.10.10:110
# >
# > and i dont get any output from logging packets,
# >
# > $IPTABLES -A FORWARD -j LOG
# > $IPTABLES -A FORWARD -m limit --limit 3/minute
# --limit-burst 3 -j LOG \
# > --log-level DEBUG --log-prefix "IPT FORWARD packet died: "
# >
# >
# >
# >
# > --_
# > anders gjære
# > +47 414 22 934
# >
# >
# >
#
#
# --
# Joe Ellis
# http://www.lithodyne.net
#
#
Reply to: