On Sunday 26 June 2011 12:53:07 muiz wrote: > Dear all, > I would like to forward a port to an internet server, but failed. can you > help me? Server: eth0: 192.168.1.250, Port: 8080 TCP, CentOS 5.6 > Remote server: IP: a.b.c.d Port: 8181 > > > Forward path: client1(192.168.1.10) -> 192.168.1.250:8080 (forward) -> > a.b.c.d Port: 8181 ----------------------------------------- > In Fedora, I successfully to config the firewall using > system-config-firewall and iptables command: 1. Run system-config-firewall > 1.1 open local port 8080 > 1.2 add a forward rule: local 8080 to remote a.b.c.d:8181, tcp > 2. echo 1 > /proc/sys/net/ipv4/ip_foward > 3. add a iptables rule: /sbin/iptables -t nat -A POSTROUTING -d a.b.c.d -p > tcp --dport 8181 -j MASQUERADE That's all. > > > > > Thanks ! You have to use Destination NAT for the job: iptables -t nat -A PREROUTING -j DNAT -p tcp --dport 8080 --to a.b.c.d:8181 echo 1 > /proc/sys/net/ipv4/ip_foward If you have more then one IPs on the local machine its a good idea to specify the destination -d 192.168.1.250 Marian -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part. URL: <http://lists.centos.org/pipermail/centos/attachments/20110626/2f3f2edf/attachment-0005.sig>