Kernel 2.4.18 strange behaviour
Hello,
I'm having trouble with port forwarding -- it worked
just fine under RedHat 7.1 w 2.4.14 kernel, but isn't
working under Debian 3.0. I have compiled a custom
2.4.18 kernel with all the masq/fw modules and
inserted the required ones. Iptables is from the
standard woody package. (Btw, portforward didn't work
with the stock woody 2.4.18-bf2.4 kernel either.)
I get no errors when applying the rules, so it seems
there are no direct module problems.
The http server works fine in the local net, I am able
to use it from the fw box also. But the portforwarding
doesn't work (i.e. the server is not visible from
outside). Also, no traces of the connection appear in
/proc/net/ip_conntrack.
I'm using the following ruleset for testing:
(eth0 is the external interface,
10.111.111.11 is the http server in the local net)
----------------------------------------------
insmod ip_conntrack
insmod ip_nat_ftp
insmod ip_conntrack_ftp
insmod ip_conntrack_irc
iptables -F
iptables -t nat -F
iptables -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A PREROUTING -p tcp --dport 80 -i eth0 \
-j DNAT --to 10.111.111.11:80
echo "1" > /proc/sys/net/ipv4/ip_forward
----------------------------------------------
Any comments?
Regards,
Skrjabin
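
Added example, not part of the original message: a shell check that reads ip_conntrack-format text and reports, for each TCP flow to a given port, whether the reply tuple shows the DNAT rewrite to the internal server. The function names, the sample entries and the addresses 192.0.2.x, 198.51.100.7 and 203.0.113.1 are constructed for illustration; only 10.111.111.11 comes from the post.

```shell
#!/bin/sh
# Each ip_conntrack entry carries two tuples: the original direction first,
# then the expected reply. When a DNAT rule matched, the reply "src" is the
# internal server instead of the address the client originally dialled.

# dnat_flows PORT
# Reads conntrack lines on stdin and prints, per TCP flow to PORT:
#   <client> <original dst> -> <reply src> <DNAT|direct>
dnat_flows() {
    awk -v port="$1" '
    $1 == "tcp" {
        n = 0
        for (i = 1; i <= NF; i++) {
            split($i, kv, "=")
            if (kv[1] == "src")   { n++; src[n] = kv[2] }
            if (kv[1] == "dst")   { dst[n] = kv[2] }
            if (kv[1] == "dport") { dport[n] = kv[2] }
        }
        # Skip malformed lines that do not carry both tuples.
        if (n == 2 && dport[1] == port)
            print src[1], dst[1], "->", src[2], (src[2] == dst[1] ? "direct" : "DNAT")
    }'
}

# Constructed sample in /proc/net/ip_conntrack layout:
#   1) port 80 flow rewritten to the internal http server (DNAT applied)
#   2) port 80 flow that reached the firewall address itself (no rewrite)
#   3) unrelated masqueraded outbound ssh flow
sample_conntrack() {
    cat <<'EOF'
tcp      6 431990 ESTABLISHED src=192.0.2.50 dst=203.0.113.1 sport=40001 dport=80 src=10.111.111.11 dst=192.0.2.50 sport=80 dport=40001 [ASSURED] use=1
tcp      6 110 SYN_SENT src=192.0.2.51 dst=203.0.113.1 sport=40002 dport=80 [UNREPLIED] src=203.0.113.1 dst=192.0.2.51 sport=80 dport=40002 use=1
tcp      6 431000 ESTABLISHED src=10.111.111.20 dst=198.51.100.7 sport=3333 dport=22 src=198.51.100.7 dst=203.0.113.1 sport=22 dport=3333 [ASSURED] use=1
EOF
}

sample_conntrack | dnat_flows 80
```

On the firewall itself the same function can be fed the live table with `dnat_flows 80 < /proc/net/ip_conntrack`; no output at all during an outside connection attempt matches the symptom described in the post, that the connection never shows up in the table.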