Re: Netfilter Port Forwarding Problem
You're welcome :-)
Tomfi
Makara napsal(a):
> Hi tomfi,
>
> You are correct tomfi. I put a wrong gateway on my
> webserver pc. Thank alot tomfi.
>
> --- tomfi <tomfi@volny.cz> wrote:
>
>> You don't know why it works? Or you don't know why
>> it does not work ?
>>
>> I think it doesn't work... If you have Internet
>> connected Webserver and
>> there is requirement to establish a connection over
>> localnetwork to
>> internet, the webserver try to respond over his
>> internet connection,
>> because server know diferent way to the Internet
>> then your firewall.
>>
>> That's why.
>>
>> Tomfi
>>
>>
>> Makara napsal(a):
>>> Hi all,
>>>
>>> I have 2 internet connections ip $ipinet1 for
>> other
>>> traffics and $ipinet2 for mail it works properly.
>>> I want to allow the connection from internet
>> connect
>>> to my local web server(172.16.0.4) via $ipinet1 so
>> I
>>> do port forwarding
>>>
>>> iptables -A PREROUTING -t nat -i $ifinet1 -d
>> $ipinet1
>>> -p tcp --dport 80 -j DNAT --to 172.16.0.4:80
>>>
>>> I allow FORWARD Rule from firewall to my local
>>> webserver
>>>
>>> iptables -A FORWARD -m state --state
>>> RELATED,ESTABLISHED -j ACCEPT
>>>
>>> iptables -A FORWARD -p tcp --dport 80 -i $ifinet1
>> -o
>>> $iflocalnet -j ACCEPT
>>>
>>> I don't know why it does work? if you have any
>> idea
>>> please help.
>>>
>>> Thanks
>>>
>>> __________________________________________________
>>> Do You Yahoo!?
>>> Tired of spam? Yahoo! Mail has the best spam
>> protection around
>>> http://mail.yahoo.com
>>>
>>>
>>
>> --
>> To UNSUBSCRIBE, email to
>> debian-firewall-REQUEST@lists.debian.org
>> with a subject of "unsubscribe". Trouble? Contact
>> listmaster@lists.debian.org
>>
>>
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
>
Reply to: