Re: my iptables script

To: debian-firewall@lists.debian.org
Subject: Re: my iptables script
From: uberthold <uberthold@enaikoon.de>
Date: Fri, 05 Sep 2003 10:01:40 +0200
Message-id: <[🔎] 3F5842E4.3010705@enaikoon.de>
In-reply-to: <[🔎] 1062640805.1002.31.camel@coltrane>
References: <1062371226.1599.95.camel@coltrane> <200309011017.37884.tarragon@onthe.net.au> <[🔎] 1062638150.1002.2.camel@coltrane> <[🔎] 200309041132.03196.tarragon@onthe.net.au> <[🔎] 1062640805.1002.31.camel@coltrane>

hi.

that's an interesting question. why don't prerouted ports show up as
open, neither with netstat -l nor with nmap?
is this effect of any further security use, or are there better tools,
that can dedect those ports as well?

thanks and ciao,
ub

Jule Slootbeek wrote:

Tarragon,

a pair of these rules:
(eth0: external)
iptables -A FORWARD -m state --state NEW -p tcp -i eth0 -d 192.168.0.2
--dport 2401
iptables -t nat -A POSTROUTING -i eth0 -p tcp --dport 2401 -j DNAT
--to-destination 192.168.0.1:2401

still does not show the port 2401 open with an nmap localhost op the

gateway.

Reply to:

Follow-Ups:
- Re: my iptables script
  - From: Tarragon Allen <melange@n12turbo.com>
- Re: my iptables script
  - From: Roland Mas <roland.mas@free.fr>

References:
- Re: my iptables script
  - From: Jule Slootbeek <jslootbeek@clarku.edu>
- Re: my iptables script
  - From: Tarragon Allen <tarragon@onthe.net.au>
- Re: my iptables script
  - From: Jule Slootbeek <jslootbeek@clarku.edu>

Prev by Date: Re: Firewall script builders
Next by Date: Re: Firewall script builders
Previous by thread: Re: my iptables script
Next by thread: Re: my iptables script
Index(es):
- Date
- Thread