[CentOS] iptables port forwarding
Christopher Chan
christopher.chan at bradbury.edu.hk
Mon Jun 27 07:43:11 UTC 2011
On Monday, June 27, 2011 03:15 PM, Ljubomir Ljubojevic wrote:
> muiz wrote:
>> Chain FORWARD (policy ACCEPT)
>> target prot opt source destination
>> REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Culprit right here. You need to allow connections to a.b.c.d.
>>
>> Chain OUTPUT (policy ACCEPT)
>> target prot opt source destination
>> -------------------------------------------------------------------------------------------------------------
>>
>>
>> To Ljubomir:
>> The remote server a.b.c.d services port 8181. And local server forward
>> its port 8080 to remote 8181.
>>
>
> Please do not top post, write your answers bellow the text, like us.
and TRIM!!!!
>
>
> This is what you posted:
> > I check the Fedora iptables setting: /etc/sysconfig/iptables files:
> >
> > :POSTROUTING ACCEPT [0:0]
> >
> > -A PREROUTING -i eth+ -p tcp --dport 8080 -j DNAT --to-destination
> > a.b.c.d:8080 ....
> >
> > :OUTPUT ACCEPT [0:0]
> >
> > -A FORWARD -i eth+ -m state --state NEW -m tcp -p tcp -d a.b.c.d --dport
> > 8080 -j ACCEPT
>
> "--to-destination a.b.c.d:8080" means your Fedora box is redirecting
> traffic to remote port 8080, not 8181 like you asked on this list.
>
Oh, dealing with it now are you?
More information about the CentOS
mailing list