Firewall Wizards mailing list archives
RE: iptables dnat problem
From: "Michael" <michael () insulin-pumpers org>
Date: Wed, 08 Feb 2006 18:03:59 -0800
Hi Michael, I suspect it's because you haven't specified the destination address. Maybe try something like the following iptables -t nat -A PREROUTING -d $SECOND_IP_EXT -p tcp -m tcp --dport 25 -j DNAT --to-destination $SECOND_IP_INT:10025 Luke Butcher Network/Security Consultant www.alphawest.com.au
hmmm.... I figured it out. It was because I was not allowing the INPUT chain to pass the redirected packet on port 10025. Needed a rule like; iptables -A INPUT -p tcp -s 0/0 --dport 10025 -j allowed Thanks for your help. Michael _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- iptables dnat problem Michael (Feb 07)
- Re: iptables dnat problem Juan Pablo Feria Gomez (Feb 08)
- <Possible follow-ups>
- RE: iptables dnat problem Luke Butcher (Feb 20)
- RE: iptables dnat problem Michael (Feb 09)