[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: port forward with the ipmasq package and Iptables

> You shouldn't need the ipmasq package, NAT has been built into iptables for 
> ages.

<blinks>  I need the ipmasq package (or some other way to run Iptables
with the right rules) because the box is an IP masquerading router.

> A rule like this should do the trick:
> iptables -t nat -A PREROUTING -p tcp -d $external-ip --dport $external-port \  
> -j DNAT --to $internal-ip:$internal-port

Should this work with my existing, complicated set of Iptables rules?

This does the same thing all my other attempts have done:  Change my
error message from "Connection refused" to "Connection timed out".

I'm sure the other end is listening.

> $internal-ip in the last one can be changed to the network range, and will 
> allow general NAT for that network.

It's not legal to put hyphens in shell variable names, by the way :-).

I was assuming that lots of people used the ipmasq package with Iptables
and lots of people needed to forward ports and lots of people
immediately knew how and were just going to point me to a Debian page
that I missed, but I guess not :o.

-- 
Tom Goulet				mail: uid0@em.ca
UID0 Unix Consulting			web:  em.ca/uid0/
Reply to: