Re: iptables natting
> | iptables -A FORWARD -i eth0 -o eth1 -d 192.168.0.10 -p tcp -j ACCEPT
> |
> | iptables -t nat -I PREROUTING -p tcp -i eth0 --dport 8080 -j DNAT
> | --to-destination 192.168.0.10
>
> Change this to:
>
> iptables -t nat -I PREROUTING -p tcp -i eth0 --dport 8080 -d YOURPUBLICIP
> -j DNAT --to-destination 192.168.0.10
>
> which will apply the rule only to incoming connections to your public IP.
Ok, that's changed.
>
> 192.168.0.10 is trying to make a connection to 192.168.0.10 on port 8080
> and that's being rejected by your firewall. Is 192.168.0.10 on the same
> machine as the firewall?
>
No it's a different machine to the firewall and isn't running iptables itself.
That's why I don't understand why it doesn't work. The message appears on the
server machine and eth1 is the internal interface.
Any attempt to contact http://publicipaddress:8080/ is rejected if it comes
from inside my network but works fine if the connection comes from outside.
--
.¸¸.·´¯`·.¸¸.·´¯`· Shallow Sea Aquatics .¸¸.·´¯`·.¸¸.·´¯`·
.¸¸.·´¯`·.¸¸.·´¯ http://www.shallowsea.com ¸.·´¯`·.¸¸.·´¯`