Re: Netfilter Port Forwarding Problem

To: Makara <kingofyuri@yahoo.com>
Cc: debian-firewall@lists.debian.org
Subject: Re: Netfilter Port Forwarding Problem
From: tomfi <tomfi@volny.cz>
Date: Mon, 30 Apr 2007 09:24:31 +0200
Message-id: <[🔎] 463599AF.90400@volny.cz>
In-reply-to: <[🔎] 338375.3878.qm@web50708.mail.re2.yahoo.com>
References: <[🔎] 338375.3878.qm@web50708.mail.re2.yahoo.com>

You don't know why it works? Or you don't know why it does not work ?

I think it doesn't work... If you have Internet connected Webserver and
there is requirement to establish a connection over localnetwork to
internet, the webserver try to respond over his internet connection,
because server know diferent way to the Internet then your firewall.

That's why.

Tomfi


Makara napsal(a):
> Hi all,
> 
> I have 2 internet connections ip $ipinet1 for other
> traffics and $ipinet2 for mail it works properly.
> I want to allow the connection from internet connect
> to my local web server(172.16.0.4) via $ipinet1 so I
> do port forwarding
> 
> iptables -A PREROUTING -t nat -i $ifinet1  -d $ipinet1
> -p tcp --dport 80 -j DNAT  --to 172.16.0.4:80
> 
> I allow FORWARD Rule from firewall to my local
> webserver
> 
> iptables -A FORWARD -m state --state
> RELATED,ESTABLISHED -j ACCEPT
> 
> iptables -A FORWARD -p tcp --dport 80 -i $ifinet1 -o
> $iflocalnet -j ACCEPT
> 
> I don't know why it does work? if you have any idea
> please help.
> 
> Thanks
> 
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around 
> http://mail.yahoo.com 
> 
>

Reply to:

Follow-Ups:
- AW: Netfilter Port Forwarding Problem
  - From: "Dominik Fahr" <tb@blub.at>

References:
- Netfilter Port Forwarding Problem
  - From: Makara <kingofyuri@yahoo.com>

Prev by Date: Re: Netfilter Port Forwarding Problem
Next by Date: Re: how to log iptables
Previous by thread: Re: Netfilter Port Forwarding Problem
Next by thread: AW: Netfilter Port Forwarding Problem
Index(es):
- Date
- Thread