port forwarding problem. Probably easy if you know how.
I'm running sarge on a vintage Pentium as a gateway machine for a home
network.
My machine was cracked last December and I reinstalled everything
from scratch using a sarge netinstall CD. (I checked all scripts I
resurrect from the old system, and recompiled all my *own* binaries
from original source code. The script I mention below hasn't been
molested.)
I run the same script for port-forwarding and masquerading that I used
before the reinstall.
But it doesn't work.
Lines like
iptables -t nat -A PREROUTING --protocol tcp -d 216.138.195.194 --dport 27012 -j DNAT --to-destination 172.25.1.5:27012 --verbose
iptables -t nat -A PREROUTING --protocol udp -d 216.138.195.194 --dport 27012 -j DNAT --to-destination 172.25.1.5:27012 --verbose
iptables -t nat -A POSTROUTING --protocol udp -s 172.25.1.5 --sport 27012 -j SNAT --to-source 216.138.195.194:27012 --verbose
iptables -t nat -A POSTROUTING --protocol tcp -s 172.25.1.5 --sport 27012 -j SNAT --to-source 216.138.195.194:27012 --verbose
have no effect at all (as checked by iptables --list)
but the line
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
works like a charm.
I suspect there's probably a missing kernel module. But which one?
And where do I find it? The docs for iptables way that it will attampt
to load any necessary modules, so I presume a simple modprobe isn't
enough. Or else that it doesn't try hard enough.
-- hendrik
Reply to: