[CentOS] Can't get forwarding to work

Barry Brimer lists at brimer.org
Mon Oct 5 01:58:24 UTC 2009


> Hello all:
>
> I am having trouble getting port forwarding
> with iptables to work.
>
> I have this configuration:
>
> Internet --- Linux machine --- Windows machine
>
> The Windows machine is set up to listen on
> IP address 10.0.0.31
>
> I am able to use lynx to connect to http://10.0.0.31 on
> the Linux machine so there is no problem going from
> the Linux machine to the Windows machine.
>
> I have tied a public IP address a.b.c.d to the
> Linux machine and entered these rules in its
> firewall:
>
> /sbin/ifconfig eth0:1 $WIN_EXTERNAL_IP netmask $ETH0_NETMASK broadcast $ETH0_BCAST
> /sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d $WIN_EXTERNAL_IP --dport 80 -j DNAT --to $WIN_INTERNAL_IP:80
> /sbin/iptables -A FORWARD -p tcp -i eth0 -d $WIN_INTERNAL_IP --dport 80 -j ACCEPT
>
> I have this log entry at the bottom of the firewall rules:
>
> /sbin/iptables -A FORWARD -j LOG --log-prefix "FORWARD "
>
> When I try to go to the external IP address http://a.b.c.d from
> another network, I get an error.

Do you have return POSTROUTING rules in your iptables nat table? Have you
enabled IP forwarding?
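
Added example, not part of the original thread: a small shell audit of `iptables-save` output for the two things asked about in the reply (IP forwarding, nat POSTROUTING), plus a heuristic check for a FORWARD rule that lets reply packets back out. The function names, the sample ruleset and the placeholder address 203.0.113.10 (standing in for a.b.c.d) are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit iptables-save text for the pieces a DNAT forward needs.
# Live use (as root): iptables-save | audit_forwarding "$(cat /proc/sys/net/ipv4/ip_forward)"

has_rule() {  # has_rule <ruleset text> <extended regex>
    printf '%s\n' "$1" | grep -Eq -- "$2"
}

# Reads a ruleset on stdin, prints one line per finding, returns the finding count.
audit_forwarding() {
    ipfwd=$1; rules=$(cat); n=0
    # The kernel only routes between interfaces when ip_forward is 1.
    if [ "$ipfwd" != "1" ]; then
        echo "ip_forward=$ipfwd: packets are not routed between interfaces"
        n=$((n + 1))
    fi
    # DNAT rewrites the destination address before the routing decision.
    if ! has_rule "$rules" '^-A PREROUTING .*-j DNAT'; then
        echo "nat: no DNAT rule in PREROUTING"
        n=$((n + 1))
    fi
    # Heuristic: replies cross FORWARD in the other direction; look for a state match.
    if ! has_rule "$rules" '^-A FORWARD .*(ESTABLISHED|RELATED).*-j ACCEPT'; then
        echo "filter: no FORWARD rule accepting ESTABLISHED/RELATED reply packets"
        n=$((n + 1))
    fi
    # Without SNAT/MASQUERADE the internal host must route its replies via this box.
    if ! has_rule "$rules" '^-A POSTROUTING .*-j (SNAT|MASQUERADE)'; then
        echo "nat: no SNAT/MASQUERADE rule in POSTROUTING"
        n=$((n + 1))
    fi
    return "$n"
}

# Constructed ruleset mirroring the three iptables rules quoted in the question
# (203.0.113.10 is a placeholder for a.b.c.d; chain policies are not known).
sample_rules() {
    cat <<'EOF'
*nat
-A PREROUTING -d 203.0.113.10 -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0.31:80
COMMIT
*filter
-A FORWARD -d 10.0.0.31 -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT
-A FORWARD -j LOG --log-prefix "FORWARD "
COMMIT
EOF
}

sample_rules | audit_forwarding 0 || echo "$? finding(s)"
```

A finding is a prompt to look, not proof of the fault: a permissive FORWARD policy or a correct default gateway on 10.0.0.31 can make the last two checks unnecessary.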

