Home page logo
/

firewall-wizards logo Firewall Wizards mailing list archives

RE: iptables dnat problem
From: "Michael" <michael () insulin-pumpers org>
Date: Wed, 08 Feb 2006 18:03:59 -0800


Hi Michael,

I suspect it's because you haven't specified the destination address.

Maybe try something like the following 
   iptables -t nat -A PREROUTING -d $SECOND_IP_EXT -p tcp -m tcp --dport
25 -j DNAT --to-destination $SECOND_IP_INT:10025

Luke Butcher
Network/Security Consultant
www.alphawest.com.au



hmmm.... I figured it out. It was because I was not allowing the INPUT 
chain to pass the redirected packet on port 10025. 

Needed a rule like;
iptables -A INPUT -p tcp -s 0/0 --dport 10025 -j allowed

Thanks for your help.

Michael

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault