[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: iptables natting

> | iptables -A FORWARD -i eth0 -o eth1 -d -p tcp -j ACCEPT
> |
> | iptables -t nat -I PREROUTING -p tcp -i eth0 --dport 8080 -j DNAT
> | --to-destination
> Change this to:
> iptables -t nat -I PREROUTING -p tcp -i eth0 --dport 8080 -d YOURPUBLICIP
> -j DNAT --to-destination
> which will apply the rule only to incoming connections to your public IP.

Ok, that's changed.

> is trying to make a connection to on port 8080
> and that's being rejected by your firewall.  Is on the same
> machine as the firewall?

No it's a different machine to the firewall and isn't running iptables itself. 
That's why I don't understand why it doesn't work. The message appears on the 
server machine and eth1 is the internal interface.

Any attempt to contact http://publicipaddress:8080/ is rejected if it comes 
from inside my network but works fine if the connection comes from outside.


 .¸¸.·´¯`·.¸¸.·´¯`· Shallow Sea Aquatics .¸¸.·´¯`·.¸¸.·´¯`·
 .¸¸.·´¯`·.¸¸.·´¯ http://www.shallowsea.com ¸.·´¯`·.¸¸.·´¯`

Reply to: