[CentOS] iptables

Mon Sep 20 18:47:46 UTC 2010
John R Pierce <pierce at hogranch.com>

On 09/20/10 10:24 AM, alexus wrote:
> .223 has port 80 open and it accepts connection
> when i'm connecting to .221 and that suppose to forward it to .223 then
> it doesn't work

Wait, those are both on the same network segment.

Normally, port forwarding is used in conjunction with NAT, where the 
system doing the forwarding is acting as a NAT Router in between the 
internet and the private local network.

In your scenario, if .221 rewrites the destination IP to .223 and 
forwards the packet to .223, the reply will be sent back to the original 
client with the source as .223, and the client's IP stack won't 
recognize that socket connection (a socket is the 4-tuple {source IP, 
source port, dest IP, dest port}).

In a NAT environment, the local server to which the external request is 
forwarded would always be sending the reply back through the NAT router 
(since it's also the default gateway for the LAN systems), which can then 
"untranslate" the source IP back from the private/local IP to the public 
IP to which the client had originally sent it.



Sounds like you want a PROXY, not 'port forwarding'.
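The 4-tuple argument above can be checked with a small model. The following is an added example, not code from the thread or from any CentOS component: it simulates a forwarder that does DNAT (and optionally SNAT) and a client stack that only accepts a reply whose reversed 4-tuple matches its socket. The addresses are constructed (the client is external, .221 forwards, .223 serves), and the three scenarios cover the original poster's same-segment setup, the NAT-router topology John describes, and, going beyond the message, the usual "hairpin" fix of also rewriting the source address so the server answers the forwarder rather than the client.

```python
from dataclasses import dataclass, replace

# Constructed sample addresses (not from the thread): an external client, the
# host doing the forwarding (.221) and the real web server (.223).
CLIENT = "198.51.100.10"
FORWARDER = "10.0.0.221"
SERVER = "10.0.0.223"


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

    def key(self):
        """The 4-tuple a TCP/IP stack uses to match a packet to a socket."""
        return (self.src_ip, self.src_port, self.dst_ip, self.dst_port)

    def reverse(self):
        """The tuple a reply to this packet will carry."""
        return Packet(self.dst_ip, self.dst_port, self.src_ip, self.src_port)


class Forwarder:
    """Toy NAT box: DNAT on the way in, optional SNAT, untranslate replies."""

    def __init__(self, snat: bool):
        self.snat = snat
        self.conntrack = {}  # expected reply 4-tuple -> original inbound packet

    def inbound(self, p: Packet) -> Packet:
        out = replace(p, dst_ip=SERVER)               # DNAT to the real server
        if self.snat:
            out = replace(out, src_ip=FORWARDER)      # SNAT so replies come back here
        self.conntrack[out.reverse().key()] = p
        return out

    def untranslate(self, reply: Packet):
        orig = self.conntrack.get(reply.key())
        if orig is None:
            return None                               # unknown flow: nothing to rewrite
        # Make the reply look like it came from the address the client talked to.
        return Packet(orig.dst_ip, orig.dst_port, orig.src_ip, orig.src_port)


def run_scenario(snat: bool, server_gw_is_forwarder: bool) -> bool:
    """Return True if the client's stack accepts the server's reply."""
    fwd = Forwarder(snat)
    syn = Packet(CLIENT, 40000, FORWARDER, 80)        # client connects to .221:80
    client_socket = syn.key()
    at_server = fwd.inbound(syn)
    reply = at_server.reverse()                       # server answers whoever it saw
    # Does the reply pass back through the forwarder?  Always if it is addressed
    # to the forwarder, otherwise only when the forwarder is the server's gateway.
    if reply.dst_ip == FORWARDER or server_gw_is_forwarder:
        reply = fwd.untranslate(reply)
        if reply is None:
            return False
    return reply.reverse().key() == client_socket


if __name__ == "__main__":
    print("same segment, DNAT only      :", run_scenario(False, False))  # False
    print("NAT router is server gateway :", run_scenario(False, True))   # True
    print("same segment, DNAT + SNAT    :", run_scenario(True, False))   # True
```

In the first scenario .223 sends its reply straight to the client with source .223, the client's socket is keyed on .221, and the packet is dropped (or answered with a reset), which is the symptom reported. On a real CentOS box the third scenario corresponds to pairing the PREROUTING DNAT rule with a POSTROUTING `SNAT --to-source` (or `MASQUERADE`) rule for traffic to .223:80 and enabling `net.ipv4.ip_forward`; the cost is that .223's web logs then show every connection as coming from .221, which is one reason a proxy, as suggested above, is often the cleaner answer.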