Gentoo Forums
Port routing & iptables
Griffon
n00b

Joined: 23 Nov 2005
Posts: 20

Posted: Wed Jan 24, 2007 12:17 am    Post subject: Port routing & iptables

Hello,

I have a network with one router and four computers behind it. I have a web server on one of them on port 9999.
I would like to route port 80 of the router to port 9999 of the web server. In fact, I would like to access the web server from anywhere on the internet by just typing http://my-public-ip/ in a navigator.
To do that, I used this command:

/sbin/iptables -t nat -I PREROUTING -p tcp --dport 80 -j DNAT --to 192.168.0.3:9999

At the beginning, everything was working fine. I could access the web server from the outside with http://my-public-ip/, and the computers behind the server could access the web normally. After some time, everything went wrong. I couldn't access the web server from the outside, and the four computers couldn't access the web (the other services were working well).
I guess that my command is not the right one, and that the requests from the local network are routed to the host 192.168.0.3 instead of being routed to the internet (is that right?). I'm wondering about two things:

- Why was it working fine at the beginning?
- What is the right command?

I just tried this one a few minutes ago:
/sbin/iptables -t nat -I PREROUTING -p tcp --dport 80 -i eth1 -j DNAT --to 192.168.0.3:9999
Maybe the "-i eth1" (my internet interface) could specify when the requests should be routed to the specified host, and when they shouldn't. But when I do an "iptables -t nat -L" I can't see any difference from the previous command.

Thanks for your help!
Rob1n
l33t

Joined: 29 Nov 2003
Posts: 714
Location: Cambridge, UK

Posted: Wed Jan 24, 2007 9:46 am

Your new command looks to be the correct one (assuming eth0 is your external interface). You'll need to add the -v switch to your iptables command to see this extra info listed.
Griffon
n00b

Joined: 23 Nov 2005
Posts: 20

Posted: Fri Jan 26, 2007 9:34 am

Thank you !
Indeed, I haven't had any problems since I tried this command. I guess when you say "assuming eth0 is your external interface" you mean eth1? (eth0 = LAN, eth1 = internet)

And thanks too for the -v!
Rob1n
l33t

Joined: 29 Nov 2003
Posts: 714
Location: Cambridge, UK

Posted: Fri Jan 26, 2007 11:21 am

Yes, of course I mean eth1 - I must've been having reading difficulties when I wrote that, as you quite plainly wrote that eth1 was your external interface. Oh well :oops:
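
Added example, not part of the thread or any poster's code: a Python check over `iptables-save` output that flags PREROUTING DNAT/REDIRECT rules with neither an inbound-interface nor a destination-address match, which is the difference between the two commands discussed above. The sample ruleset is constructed, the function name is hypothetical, and accepting a `-d` match as sufficient scope is an assumption of this check.

```python
import shlex

# Constructed sample of `iptables-save -t nat` output holding both rules from
# the thread: the first has no interface match, the second is scoped to eth1.
SAMPLE = """\
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.3:9999
-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.3:9999
COMMIT
"""

# Matches that confine a rule to one side of the router (assumption: either is enough).
SCOPING = {"-i", "--in-interface", "-d", "--destination"}
REWRITING = {"DNAT", "REDIRECT"}


def unscoped_dnat_rules(save_output):
    """Return nat PREROUTING DNAT/REDIRECT rules that apply on every interface.

    Without an inbound-interface or destination-address match, such a rule
    also rewrites LAN clients' outbound connections to the same port, so
    their web traffic lands on the internal server instead of the internet.
    """
    findings, table = [], None
    for line in save_output.splitlines():
        line = line.strip()
        if line.startswith("*"):          # table header, e.g. "*nat"
            table = line[1:]
            continue
        if table != "nat" or not line.startswith("-A "):
            continue
        tokens = shlex.split(line)        # keeps quoted --comment text as one token
        if tokens[1] != "PREROUTING" or "-j" not in tokens[:-1]:
            continue
        target = tokens[tokens.index("-j") + 1]
        if target in REWRITING and not SCOPING.intersection(tokens):
            findings.append(line)
    return findings


if __name__ == "__main__":
    for rule in unscoped_dnat_rules(SAMPLE):
        print("no -i/-d match, also catches LAN traffic:", rule)
```

On a live router, feed it the output of `iptables-save -t nat`; `iptables -t nat -L -v` shows the same distinction in its `in` column.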