[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: forwarding udp usint the Debian ipmasq package

Try replacing -A with -I.  If this workes look at the output of "iptables
-t nat -L PREROUTING" you should see your rules.  Starting at the top work
your way down untill you find a rule that would laso match these pkts. 
This rule would be the one causing all the problems.

--- Kenny Hitt <kenny@hittsjunk.net> wrote:

> Hi.  I'm trying to forward UDP ports to a computer running on my local
> network from the internet.  I'm using the ipmasq package in Debian to
> masquerade my local network.  Last year I was able to forward ports
> 4074-4076 and 2074-2076 with the following rules.
> iptables -A PREROUTING -t nat -p udp -d public_ip --dport 4074:4076 -j
> DNAT --to local_ip
> iptables -A PREROUTING -t nat -p udp -d public_ip --dport 2074:2076 -j
> DNAT --to local_ip
> I stopped doing it for a while because I was running the app that used
> these ports on the box that was the gateway for the network.  When I
> tried to use the rules again, they no longer work.  I get the following
> message in my logs
> IN=eth0 OUT=eth1 SRC= DST=local_ip LEN=96 TOS=0x00
> PREC=0xA0 TTL=47 ID=0 DF PROTO=UDP SPT=2074 DPT=2075 LEN=76
> Public_ip is my IP address on the internet (the IP of eth0) Local_ip is
> the address of the system on my local network.  The IP address in the
> error is the IP of the system I'm trying to reach.  Eth1 is connected to
> my local network.
> Basically, I'm trying to use a speak_freely reflector running on the IP
> address in the error.
> Does anyone have an idea what other rules I need to get this working
> again?
> Thanks in advance for any help.
>           Kenny
> -- 
> To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org

Do you Yahoo!?
Declare Yourself - Register online to vote today!

Reply to: