Re: iptables: port forwarding and hardware router

From: the seventh sign (die.spammers_at_theinternet.now)
Date: 09/18/03


Date: Thu, 18 Sep 2003 04:33:57 -0500


"Tom H. Lautenbacher" <Lautenbacher@gmx.net> wrote in message
news:bk9pa8$r51ju$1@ID-124600.news.uni-berlin.de...
> Hello NG,
>
> I have the following configuration:
>
> INTERNET
> |
> |
> DSL-ROUTER (PPPoATM)
> 192.168.1.1
> |
> | LINUX SERVER
> |------- eth1 (192.168.1.2)
> |
> |------- eth0 (192.168.0.1) (DNS, DHCP)
> |
> SWITCH
> / | \
> / | \
> PC PC PC
> (192.168.0.xxx)
>
> *****************************************
>
> The devices are configured like this:
>
> Router: (192.168.1.1)
> ===============
> 2 routes are configured. I can't set up more details, like ports etc, only
> the following:
> Destination GW/Interface Netmask
> 0.0.0.0 <external IP> 0.0.0.0
> 192.168.0.0 192.168.1.2 255.255.255.0
>
> Linux- Server:
> ==========
> 2 NICs:
> eth0 connected to switch, 192.168.0.1
> eth1 connected to router, 192.168.1.2
>
> /etc/sysconfig/network/routes:
> default 192.168.1.1 - -
>
> iptables:
> modprobe iptable_nat
> echo "1" > /proc/sys/net/ipv4/ip_forward
> iptables -t nat -A POSTROUTING -o ippp0 -j MASQUERADE
> iptables -A PREROUTING -t nat -p tcp --dport 1000 -j DNAT
> ... --to 192.168.0.150:1000
>
> /etc/dhcp.conf:
> option routers 192.168.0.1;
>
> Clients:
> ======
> (receive all settings via DHCP)
>
> *****************************************
>
> With these settings, everything works fine, all clients can send and receive
> data from the internet.
>
> My Problem:
> The port forwarding doesn't seem to work. The client 192.168.0.150 doesn't
> get port 1000 forwarded, but reports a "firewalled-mode". Can anybody tell
> me why?
>
> Thanx a lot!
>
> Tom.
>

In Mandrake's version of networking I had to change the 192.168.0.1 to
192.168.1.1; for some strange reason the networking doesn't like the .0. in
there in Linux.

 INTERNET
         |
         |
 DSL-ROUTER (PPPoATM)
 192.168.1.1
        |
        | LINUX SERVER
        |------- eth1 (192.168.1.2) netmask 0.0.0.0
                                    |
        |------- eth0 (192.168.2.1) (DNS, DHCP) netmask 255.255.255.0 ****
        |
     SWITCH (Check to see if the uplink is being used to send the data to eth0? Not necessarily turned on, just plugged in to that port)
     / | \
   / | \
 PC PC PC (if any of these PCs are running Windows anything, run the Internet Connection Wizard and set up the Ethernet card that way)
 (192.168.2.xxx) netmask 255.255.255.0 ****

**** = Here is where I would make the changes!

As far as the firewall goes, I haven't a clue.
This is just from the hardware standpoint.
TSS


