Re: Redirecting incoming local ports
try something like this
$IPTABLES -A POSTROUTING -i $EXTDEV -o $INTDEV -p tcp
--dport 9090 -j DNAT --to-destination $INTIP:80
then you will also need
$IPTABLES -A FORWARD -p tcp --dport 80
to allow conenctions to port 80 on your internal box.
Something like those lines is what i believe you are
looking for
hope that helps
--- Aaron <aaron@core-dev.com> wrote:
> Firewall experts,
>
> Despite searching all of the list archives, I
> couldn't come up with a possible solution to this
> issue.
>
> What I would like to do is accept connections from
> my external interface on port 9090 and redirect them
> to port 80. I do not want connections to port 80
> accepted from outside at all.
>
> I've read the HOWTOs and the tutorials and I was
> satisfied that this recipe might work:
>
> $IPTABLES -t nat -A PREROUTING -p tcp --dport 9090 \
> -j REDIRECT --to-ports 80
>
> But alas, it doesn't seem to. Then it occurred to me
> that since the default target of my INPUT chain is
> REJECT, that I might need to explicitly accept the
> packets that are (now) destined for port 80. But
> this produces another problem, which is that I don't
> want to accept packets inbound on port 80, I only
> want to accept the ones that have been redirected to
> port 80.
>
> How can I set this up? Thanks a lot!
>
> --
> Aaron Bieber
> -
> Graphic Design // Web Design
> http://www.core-dev.com/
> aaron@core-dev.com
>
>
> --
> To UNSUBSCRIBE, email to
> debian-firewall-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com
Reply to: