help with port forwarding
I have a Linux machine (Debian unstable with kernel 2.2.18) that is
successfully masquerading for our local network. I want to do port
forwarding so that machines on the Internet can see the web server of a
machine on the local net. Following the IP-Masquerading howto, I have the
following script which sets up the masquerading and attempts to set up the
port forwarding as well:
/sbin/depmod -a
/sbin/modprobe ip_masq_ftp
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_always_defrag
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
/sbin/ipchains -M -S 7200 10 160
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -i eth1 -s 10.3.0.0/24 -j MASQ
MYIP=X.X.X.X
/usr/sbin/ipmasqadm portfw -f
/usr/sbin/ipmasqadm portfw -a -P tcp -L $MYIP 80 -R 10.3.0.50 80
Where X.X.X.X is the IP address of the interface on the masquerading
machine visible to machines on the Internet.
Port forwarding isn't working though. It is apparent that something is
happening as that now the web server on the masquerading machine no longer
responds (as I assume traffic is indeed trying to be forwarded) but
neither does the machine I'm trying to forward to respond. Can anyone see
any problems with my firewall script?
"ipmasqadm portfw -l" returns:
prot localaddr rediraddr lport rport pcnt pref
TCP X.X.X.X 10.3.0.150 80 80 10 10
Which, as far as I can tell, looks correct. Any clues are greatly
appreciated.
Thanks,
Gerry
Reply to: