Quoting Randy Clarksean <rclark at lakesplus.com>:
<snip>
> That did take care of the error for the iptables command .. but it still
> does not make it through the firewall. The packets still die ... nothing
> makes it to the internal machine. I added the first command to just open up
> port 1025 from everywhere in the world ...hoping that it would help
> (apparently it didn't)
>
> CURRENT COMMANDS:
>
> $IPT -A tcp_inbound -p tcp -s 0/0 --destination-port 1025 -j ACCEPT
> $IPT -A tcp_inbound -p udp -s 0/0 --destination-port 1025 -j ACCEPT
> $IPT -t nat -A PREROUTING -p tcp -d 172.16.5.47 --dport 1025 -j DNAT \
>      --to-destination 192.168.1.99:22
>
> LOG FILE MESSAGE
>
> Jun 17 12:25:49 server kernel: FORWARD packet died: IN=eth1 OUT=eth0
> SRC=131.216.114.113 DST=192.168.1.99 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=24688 DF
> PROTO=TCP SPT=42431 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
>
> COMMAND USED TO SSH
>
> ssh -p 1025 -l rclark 63.98.3.64
>
<snip>

Do you have something to the effect of

-A FORWARD -i eth0 -o eth1 -j tcp_inbound

?

Josh

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list
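
The quoted log entry shows the packet in the FORWARD chain with DST=192.168.1.99 and DPT=22, that is, after the PREROUTING DNAT rule has already rewritten it, so a filter rule written for port 1025 cannot match it. As an added example (not part of the original messages), this shell sketch parses that log entry and prints the match fields a FORWARD-path rule would need; the function names are hypothetical and the sample line is the thread's log entry rejoined onto one line.

```shell
#!/bin/sh
# Constructed sample: the thread's kernel log entry, rejoined onto one line.
SAMPLE_LOG='Jun 17 12:25:49 server kernel: FORWARD packet died: IN=eth1 OUT=eth0 SRC=131.216.114.113 DST=192.168.1.99 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=24688 DF PROTO=TCP SPT=42431 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0'

# log_field LINE KEY: print the value of KEY=value from a netfilter LOG line.
# Runs in a subshell so "set -f" (no globbing while splitting) stays local.
log_field() (
    set -f
    for tok in $1; do
        case "$tok" in
            "$2="*) printf '%s\n' "${tok#*=}"; exit 0 ;;
        esac
    done
    exit 1
)

# forward_match_for LINE: print a filter-table rule whose match fields equal
# what the FORWARD chain saw, i.e. the packet after DNAT rewrote it.
# Fails if a needed field is missing or empty (e.g. OUT= on a non-forwarded packet).
forward_match_for() (
    iif=$(log_field "$1" IN) || exit 1
    oif=$(log_field "$1" OUT) || exit 1
    dst=$(log_field "$1" DST) || exit 1
    dpt=$(log_field "$1" DPT) || exit 1
    proto=$(log_field "$1" PROTO | tr '[:upper:]' '[:lower:]')
    [ -n "$iif" ] && [ -n "$oif" ] && [ -n "$proto" ] || exit 1
    printf '%s\n' "-A FORWARD -i $iif -o $oif -p $proto -d $dst --dport $dpt -j ACCEPT"
)

# dport_rule_matches LINE PORT: succeed only if a rule written with
# "--destination-port PORT" would match the logged packet.
dport_rule_matches() {
    [ "$(log_field "$1" DPT)" = "$2" ]
}

forward_match_for "$SAMPLE_LOG"
for port in 1025 22; do
    if dport_rule_matches "$SAMPLE_LOG" "$port"; then
        echo "rule on port $port: matches the forwarded packet"
    else
        echo "rule on port $port: cannot match, packet already has DPT=$(log_field "$SAMPLE_LOG" DPT)"
    fi
done
```

The printed rule is only the set of match fields taken from the log; which chain it belongs in and how tightly to restrict the source depends on the rest of the firewall script, which the thread does not show.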