
Re: How configure Iptable in RedHat 8.0



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 12 Jun 2003 13:52:43 +0700, Le Ngoc Thach wrote:

> I'm using iptables-1.2.6a-2 in RedHat 8.0 router, gateway and firewall.
> I can not configure to implement the case:
> Ex:
> - External IP of gateway is 203.162.4.1, this host is also listening at
> port 80 (Apache WebServer) and port 8080 (Tomcat).
> - Internal IP of gateway is 192.168.2.1
> - Another internal host is 192.168.2.2, this host is listening at port
> 80 (IIS WebServer).
> 
> I want a user to be able to go to http://203.162.4.1:81 to access the
> internal host 192.168.2.2 where IIS is running.
> I have tried to use "PREROUTING" such as
> 
> /sbin/iptables -A PREROUTING -t nat -d 203.162.4.1 -p tcp --dport 81 -j DNAT --to 192.168.2.2:80
> 
> (View my configuration iptable in attachment).
> 
> but url "http://203.162.4.1:81" does not work. If I try "REROUTING" to
> 192.168.2.1 such as:
> /sbin/iptables -A PREROUTING -t nat -d 203.162.4.1 -p tcp --dport 81 -j DNAT --to 192.168.2.1:8080
> 
> It's OK. Then, http://203.162.4.1:81 is TomCat HomePage.
> 
> What is wrong? Please help me!

In your attached set of rules, your FORWARD chain does not allow the
DNAT'ed traffic. Also, you didn't mention that you have set
/proc/sys/net/ipv4/ip_forward to "1" manually or via sysctl or
redhat-config-proc.

- -- 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE+6HLi0iMVcrivHFQRAsK/AJ423apRaOIWm6q9RJEMwB2jvh8jlwCghVzV
LSrXA9prrD0sXM/BfGK9OjY=
=zq1s
-----END PGP SIGNATURE-----
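
The check described in the reply, as an added example that is not part of the original thread: a shell function that reads iptables-save output and reports every DNAT target the FORWARD chain does not admit. Both rulesets are constructed samples (the poster's attachment is not shown on this page), and the function names are hypothetical.

```shell
# Constructed sample in iptables-save format, not the poster's attachment.
ruleset_before() {   # DNAT rule present, FORWARD (policy DROP) never admits it
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -d 203.162.4.1 -p tcp -m tcp --dport 81 -j DNAT --to-destination 192.168.2.2:80
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Same ruleset plus an ACCEPT for the translated address and port: the nat
# PREROUTING rewrite happens first, so FORWARD sees 192.168.2.2:80, not :81.
ruleset_after() {
  ruleset_before | awk '{ print }
    /^-A FORWARD -m state/ { print "-A FORWARD -d 192.168.2.2 -p tcp -m tcp --dport 80 -j ACCEPT" }'
}

# Print "OK ip:port" or "BLOCKED ip:port" per DNAT target; exit 1 if any is blocked.
# Simplification: only "-d ip --dport port -j ACCEPT" rules and the chain policy
# are considered; rule order and interface matches are ignored.
check_dnat_forward() {
  awk '
    /^\*/ { table = substr($0, 2) }
    table == "filter" && /^:FORWARD / { policy = $2 }
    table == "nat" && /-j DNAT/ {
      for (i = 1; i < NF; i++)
        if ($i == "--to-destination" || $i == "--to") targets[$(i + 1)] = 1
    }
    table == "filter" && /^-A FORWARD / && /-j ACCEPT/ {
      d = ""; p = ""
      for (i = 1; i < NF; i++) {
        if ($i == "-d") { d = $(i + 1); sub(/\/32$/, "", d) }
        if ($i == "--dport") p = $(i + 1)
      }
      if (d != "" && p != "") allowed[d ":" p] = 1
    }
    END {
      for (t in targets) {
        ok = (policy == "ACCEPT" || (t in allowed))
        status = ok ? "OK" : "BLOCKED"; print status " " t
        if (!ok) bad = 1
      }
      exit bad + 0
    }'
}

# True only when the kernel (or the file given as $1) has forwarding enabled.
ip_forward_on() { [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]; }

ruleset_before | check_dnat_forward || true   # prints: BLOCKED 192.168.2.2:80
ruleset_after  | check_dnat_forward || true   # prints: OK 192.168.2.2:80
```

On a live router, run `iptables-save | check_dnat_forward` as root and check `ip_forward_on` as well.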



