On Mon, May 19, 2003 at 06:36:18PM +0200, William Fletcher wrote:
> Hi,
>
> Ok, after some more fiddling, iptables is not working.
> I'd accidentally used the internet ip of the linux gateway, silly me :/
> (How to make an ass of oneself ;P)
>
> Ok, the setup.
> This box has the external ip 196.14.166.226.
> My workstation is 196.14.166.22.
> All the traffic except stuff going to 196.14.166.0/27 goes
> out through a pptp-VPN.
>
> I've taken the VPN down in the mean time to try get this working...
> Still no luck.
>
> Configuration.
> #Enable forwarding in kernel
> echo 1 > /proc/sys/net/ipv4/ip_forward
> #Kill timestamps
> echo 0 > /proc/sys/net/ipv4/tcp_timestamps
> #Enable SYN Cookies
> echo 1 > /proc/sys/net/ipv4/tcp_syncookies
>
> The computer connects to us through a tie-line, 56kb.
>
>
> iptables -t nat -A PREROUTING -i ppp0 -p tcp -d 196.14.166.226 --dport 25 -j DNAT --to 192.168.0.50:25
                                                             ^^^
>
> is what I'm trying to use...
> Now, I need to be able to use 196.14.166.22 to connect to port 25 and then
                                           ^^
> that'll port forward to 192.168.0.50:25.

They match in your script, right? :)

Are you blocking anything else? What happens if you turn that into a LOG rule? What does netstat say? How about iptstate? Does that rule work on other machines? Does iptables print any errors, or does syslog get anything? Is that ppp0, right, too? It specifies the interface you'll be accessing...

If this doesn't help, try asking on the debian-firewall list on this fine mail server. It's a pretty active group, full of people with more firewall clue in their little finger than I have in my whole body :)

-- 
Rob Weir <rweir@ertius.org> | mlspam@ertius.org | http://www.ertius.org/
GPG keys: 1024D/1E73B7CD, 4096R/3ABDE5EC | Do I look like I want a CC?
Words of the day: terrorism World Trade Center India UK csystems Ceridian