Re: forwarding udp usint the Debian ipmasq package
Try replacing -A with -I. If this workes look at the output of "iptables
-t nat -L PREROUTING" you should see your rules. Starting at the top work
your way down untill you find a rule that would laso match these pkts.
This rule would be the one causing all the problems.
--- Kenny Hitt <kenny@hittsjunk.net> wrote:
> Hi. I'm trying to forward UDP ports to a computer running on my local
> network from the internet. I'm using the ipmasq package in Debian to
> masquerade my local network. Last year I was able to forward ports
> 4074-4076 and 2074-2076 with the following rules.
>
> iptables -A PREROUTING -t nat -p udp -d public_ip --dport 4074:4076 -j
> DNAT --to local_ip
> iptables -A PREROUTING -t nat -p udp -d public_ip --dport 2074:2076 -j
> DNAT --to local_ip
>
> I stopped doing it for a while because I was running the app that used
> these ports on the box that was the gateway for the network. When I
> tried to use the rules again, they no longer work. I get the following
> message in my logs
>
> IN=eth0 OUT=eth1 SRC=129.100.109.65 DST=local_ip LEN=96 TOS=0x00
> PREC=0xA0 TTL=47 ID=0 DF PROTO=UDP SPT=2074 DPT=2075 LEN=76
>
> Public_ip is my IP address on the internet (the IP of eth0) Local_ip is
> the address of the system on my local network. The IP address in the
> error is the IP of the system I'm trying to reach. Eth1 is connected to
> my local network.
> Basically, I'm trying to use a speak_freely reflector running on the IP
> address in the error.
> Does anyone have an idea what other rules I need to get this working
> again?
>
> Thanks in advance for any help.
> Kenny
>
>
> --
> To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
>
_______________________________
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com
Reply to: