Re: port forward with the ipmasq package and Iptables
> The first thing I would do is change the policy on the FORWARD chain to ALLOW
> and see if it suddenly starts working. If it does, it means that your rule in
> the FORWARD chain isn't matching the traffic correctly.
> I've attached a modified version of the firewall script.
Unfortunately this has the same timing-out problem, with or without
"ACCEPT" instead of "DROP".
> The important line to fiddle with will be :
> iptables -A FORWARD -i $EXTIF -o $INTIF -p tcp -d $EXTIP --dport 515 \
> -m state --state NEW -j ACCEPT
> I think the problem with your original script is that the destination actually
> needs to be $EXTIP, not $PRINTERIP.
Ahh, I did get that wrong. Hmm.
I'm probably going to switch to Linux 2.2 and use that infernal
impasqadm program. If I can't get Iptables to forward a port with a
simple Iptables script and the instructions from the IP Masquerading
Howto and the input of someone else who seems to know what he's talking
about, I'm not going to get Iptables to work. This is where I mentally
file away the problem into the (very large) bin marked "Computers Suck".
Tom Goulet mail: email@example.com
UID0 Unix Consulting web: em.ca/uid0/