[CentOS] Can't get forwarding to work

John R Pierce pierce at hogranch.com
Mon Oct 5 04:58:33 UTC 2009


Barry Brimer wrote:
>> /sbin/ifconfig eth0:1 $WIN_EXTERNAL_IP netmask $ETH0_NETMASK broadcast $ETH0_BCAST
>> /sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d $WIN_EXTERNAL_IP --dport 80 -j DNAT --to $WIN_INTERNAL_IP:80
>> /sbin/iptables -A FORWARD -p tcp -i eth0 -d $WIN_INTERNAL_IP --dport 80 -j ACCEPT
>>
>> I have this log entry at the bottom of the firewall rules:
>>
>> /sbin/iptables -A FORWARD -j LOG --log-prefix "FORWARD "
>>
>> When I try to go to the external IP address http://a.b.c.d from
>> another network, I get an error.
>>     
>
> Do you have return POSTROUTING rules in your iptables nat table, have you 
> enabled ip forwarding?
>   

And have you loaded the IP Connection Tracker module? I believe that's
required to properly track connections through the NAT process.

    # modprobe ip_conntrack
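
The prerequisites raised in this thread (IP forwarding, the conntrack module, the NAT and FORWARD rules), as an added example that is not part of the original messages: a bash script that audits them from `/proc` and a saved `iptables-save` dump. The function names and the sample ruleset, which uses documentation addresses, are constructed for illustration.

```bash
#!/bin/bash
# Added example (not from the thread): audit the DNAT prerequisites discussed above.
# Every check reads a file, so it runs on the live system or on saved copies.

# Kernel routing switch: the file must contain 1.
ip_forward_on() { [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]; }

# Module list shows ip_conntrack (older kernels) or nf_conntrack (newer ones).
# A kernel with conntrack built in lists neither; treat FAIL as "check by hand".
conntrack_loaded() { grep -Eq '^(ip|nf)_conntrack ' "${1:-/proc/modules}"; }

# Print the "-A" rules of table $2 from the iptables-save dump $1.
table_rules() { awk -v t="*$2" '$0==t{on=1;next} $0=="COMMIT"{on=0} on && /^-A /' "$1"; }

has_dnat() { table_rules "$1" nat | grep -Eq '^-A PREROUTING .*-j DNAT '; }
has_postrouting_nat() { table_rules "$1" nat | grep -Eq '^-A POSTROUTING .*-j (SNAT|MASQUERADE)'; }
# Replies from the internal server cross FORWARD too; needed unless FORWARD accepts by default.
forward_allows_replies() {
    table_rules "$1" filter | grep -Eq '^-A FORWARD .*--(ct)?state [A-Z,]*ESTABLISHED.*-j ACCEPT'
}

# Constructed sample: only the two rules quoted in the thread plus the LOG rule,
# with documentation addresses standing in for the elided ones.
sample_dump() { cat <<'EOF'
*nat
-A PREROUTING -d 203.0.113.10 -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.20:80
COMMIT
*filter
-A FORWARD -d 192.168.1.20 -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT
-A FORWARD -j LOG --log-prefix "FORWARD "
COMMIT
EOF
}

# audit <iptables-save dump> [ip_forward file] [modules file]; non-zero if a hard check fails.
audit() {
    local rc=0
    ip_forward_on "${2:-}"      && echo "ok   ip_forward=1"      || { echo "FAIL ip_forward off"; rc=1; }
    conntrack_loaded "${3:-}"   && echo "ok   conntrack loaded"  || { echo "FAIL conntrack not listed"; rc=1; }
    has_dnat "$1"               && echo "ok   DNAT rule present" || { echo "FAIL no DNAT rule"; rc=1; }
    forward_allows_replies "$1" && echo "ok   replies accepted"  || echo "warn no ESTABLISHED accept in FORWARD"
    has_postrouting_nat "$1"    && echo "note POSTROUTING NAT present" || echo "note no POSTROUTING NAT"
    return $rc
}

if [ "$#" -gt 0 ]; then audit "$@"; fi
```

Save the ruleset to a file first (`iptables-save > rules.txt`) and pass that path as the first argument, since the dump is read several times.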







