[CentOS] Is network address translation different in centos?
Robert Spangler
mlists at zoominternet.net
Fri Jan 2 03:13:55 UTC 2009
On Wednesday 31 December 2008 16:05, chloe K wrote:
> Is the network address translation in centos5.2 different?
Nope.
> I disable the default iptable rule and use the following commands but I
> can't connect http://public:8080 from outside to this host 192.168.0.10
> port 80
>
> eth1 is public address
> eth0 is private address 192.168.0.1
>
> iptables -F -t nat
> iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE
> iptables --append FORWARD --in-interface eth0 -j ACCEPT
> iptables -t nat -A PREROUTING -p tcp --dport 8080 -i eth1 -j DNAT --to 192.168.0.10:80
Your rules are in need of help.
First off I am not even sure what you are doing will work, i.e.;
--append or --table
These are written as '-A' and '-t'
Try these;
iptables -F -t nat
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
# !!! Following line is wrapped !!!
iptables -t nat -A PREROUTING -p tcp --dport 8080 -i eth1 -j DNAT \
    --to-destination 192.168.0.10:80
iptables -A FORWARD -i eth0 -j ACCEPT
You could and should tighten these rules up. You should look into Stateful
packet inspection for your firewall. If you are looking to learn how to
write your own rules use the following;
http://iptables.rlworkman.net/chunkyhtml/index.html
--
Regards
Robert
Linux User #296285
http://counter.li.org
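
Added example, not part of the original message: one way the rules above could be tightened with stateful matching, so that only the forwarded web port and replies to existing connections cross the router. Interface names, addresses and ports come from the thread; the variable names, the run() helper and the DRY_RUN switch are assumptions of this example, and it assumes the FORWARD chain holds no other rules that need keeping.

```shell
#!/bin/sh
# Added example: stateful FORWARD policy around the DNAT rule from the thread.
WAN_IF=${WAN_IF:-eth1}              # public interface
LAN_IF=${LAN_IF:-eth0}              # private interface (192.168.0.1)
WEB_HOST=${WEB_HOST:-192.168.0.10}  # internal web server
WEB_PORT=${WEB_PORT:-80}
PUB_PORT=${PUB_PORT:-8080}          # port exposed on the public side
DRY_RUN=${DRY_RUN:-1}               # 1 = print commands, 0 = execute (needs root)

# Print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

apply_rules() {
    # The router must forward packets at all, or DNAT never reaches the host.
    run sysctl -w net.ipv4.ip_forward=1

    # NAT table: same translation as in the reply above.
    run iptables -t nat -F
    run iptables -t nat -A POSTROUTING -o "$WAN_IF" -j MASQUERADE
    run iptables -t nat -A PREROUTING -i "$WAN_IF" -p tcp --dport "$PUB_PORT" \
        -j DNAT --to-destination "$WEB_HOST:$WEB_PORT"

    # Filter table: replies to tracked connections pass, invalid packets drop.
    run iptables -F FORWARD
    run iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    run iptables -A FORWARD -m state --state INVALID -j DROP
    # New connections from the private side going out.
    run iptables -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -m state --state NEW -j ACCEPT
    # New inbound connections only to the web server. FORWARD sees the packet
    # after DNAT, so it matches the internal address and port, not 8080.
    run iptables -A FORWARD -i "$WAN_IF" -o "$LAN_IF" -p tcp -d "$WEB_HOST" \
        --dport "$WEB_PORT" -m state --state NEW -j ACCEPT
    # Set default-deny last so existing traffic is not cut before the
    # accept rules are in place.
    run iptables -P FORWARD DROP
}

apply_rules
```

With the defaults the script only prints the commands for review; DRY_RUN=0 applies them.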