Thanks Marian, The server only has one IP. I think I should add more iptables records, only one NAT record is not enough,isit correct? If yes , then how?
2011-06-26 23:38:58,"Marian Marinov" mm@yuhu.biz wrote:
On Sunday 26 June 2011 12:53:07 muiz wrote:
Dear all, I would like to forward a port to an internet server, but failed. can you help me? Server: eth0: 192.168.1.250, Port: 8080 TCP, CentOS 5.6 Remote server: IP: a.b.c.d Port: 8181
Forward path: client1(192.168.1.10) -> 192.168.1.250:8080 (forward) -> a.b.c.d Port: 8181 ----------------------------------------- In Fedora, I successfully to config the firewall using system-config-firewall and iptables command: 1. Run system-config-firewall 1.1 open local port 8080 1.2 add a forward rule: local 8080 to remote a.b.c.d:8181, tcp 2. echo 1 > /proc/sys/net/ipv4/ip_foward 3. add a iptables rule: /sbin/iptables -t nat -A POSTROUTING -d a.b.c.d -p tcp --dport 8181 -j MASQUERADE That's all.
Thanks !
You have to use Destination NAT for the job:
iptables -t nat -A PREROUTING -j DNAT -p tcp --dport 8080 --to a.b.c.d:8181 echo 1 > /proc/sys/net/ipv4/ip_foward
If you have more then one IPs on the local machine its a good idea to specify the destination -d 192.168.1.250
Marian