SOLVED: Port forwarding doesn't work

Post Reply
Peter_w
Posts: 5
Joined: Mon Aug 04, 2008 7:43 pm

SOLVED: Port forwarding doesn't work

Post by Peter_w »

Hi,

I setup a linux router,
it has nat-gateway and is working perfectly.

Except the port forwarding from the internet to the local network.
I think i did everything ok.

Code: Select all

echo 1 > /proc/sys/net/ipv4/ip/forward

iptables -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.1.2:8080
When i test the connection from the outside,
it just time out.
Chris
Site Admin
Posts: 129
Joined: Mon Jul 21, 2008 9:45 am
Location: Leuven, Belgium
Contact:

Re: Port forwarding doesn't work

Post by Chris »

I think you forgot the actual forwarding.
Check it with:

Code: Select all

iptables -L
For you particual case:

Code: Select all

iptables -A FORWARD -p tcp -d 192.168.1.2 --dport 8080 -j ACCEPT
The next schema makes it clear:

Code: Select all

PACKET IN
    |
PREROUTING--[routing]-->--FORWARD-->--POSTROUTING-->--OUT
 - nat (dst)   |           - filter      - nat (src)
               |                            |
               |                            |
              INPUT                       OUTPUT
              - filter                    - nat (dst)
               |                          - filter
               |                            |
               `----->-----[app]----->------'
It comes from the site:
http://www.systutorials.com/816/port-fo ... -iptables/
Chris
Site Admin
Posts: 129
Joined: Mon Jul 21, 2008 9:45 am
Location: Leuven, Belgium
Contact:

Re: Port forwarding doesn't work

Post by Chris »

Yep, that was my mistake.

The standard forward policy was set to drop,
and only related and established connections.

Setting the prerouting is not enough,
I also need to set the forward.

Thanks,
the little schema made it clear :-)
Post Reply