Linux Help
> Iptables And Forwarding
mjcocat
post Oct 25 2004, 11:13 AM
Post #1




I have been reading google searched articles all morning, but nothing.

What I am trying to do:

Access an internal machine on my network that is being NAT'd by a cable/dsl router. I want to access an internal windows machine on port 3389.

Setup:

Linksys cable/dsl router that has a DMZ setup to allow all traffic to my linux box running Fedora 2. Linux box is running iptables. The linux box does not have a public ip.

I tried setting up prerouting and postrouting with masquerade, but I can't access my windows machine. I just want it to forward/route all port 3389 traffic.
surph
post Oct 25 2004, 11:43 AM
Post #2





Try this... (if udp, substitute for tcp)

iptables -A FORWARD -i eth0 -p tcp -m tcp --dport 3389 -j DNAT --to x.x.x.x

where...
eth0 = interface connected to dsl/cable router
x.x.x.x = internal windows machine IP address

Depending on the application, you may need some type of STATE tracking.
mjcocat
post Oct 25 2004, 11:58 AM
Post #3





I have tried that, but it did not work. I am wondering if there is a problem going through a double NAT. Once at the dsl router, and then again at the linux box.

Sorry for the double post, I couldn't figure out how to delete it.
mjcocat
post Oct 25 2004, 12:08 PM
Post #4





Actually, using the syntax:

./iptables -A FORWARD -i eth0 -p tcp -m tcp --dport 3389 -j DNAT --to 192.168.0.105

results in "invalid argument".
hughesjr
post Oct 25 2004, 06:38 PM
Post #5





If your setup is that the router has both the linux and windows machines connected to it, you need to use the router to forward port 3389 to the windows machine ... not the linux machine.

Just go to the port forwarding section of the router and forward 3389 to the Windows machine.


--------------------
Johnny Hughes
hughesjr@linuxhelp.net
Enterprise Alternatives: CentOS, WhiteBoxEL
Favorite Workstation Distros (in order): CentOS, Gentoo, Debian Sarge, Ubuntu, Mandrake, FedoraCore, Slackware, SUSE
Favorite Server Distros (in order): CentOS, WhiteBoxEL, Debian Sarge, Slackware, Mandrake, FedoraCore, Gentoo, SUSE
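
Why the rule in posts #2 and #4 is rejected, and what a forward on the Linux box would look like, as an added example that is not part of the original thread: DNAT is accepted only in the nat table's PREROUTING and OUTPUT chains, so appending it to FORWARD in the default filter table fails. The helper names, the 203.0.113.0/24 source range, and the assumption that both hosts sit on the router's LAN (hence the MASQUERADE rule) are illustrative.

```shell
#!/bin/sh
# Added example, not from the thread. Rules are printed, not applied, so the
# script runs without root. 203.0.113.0/24 is a constructed "trusted source".

# target_allowed TABLE CHAIN TARGET: does iptables accept TARGET there?
# (built-in chains only; targets other than DNAT/MASQUERADE are not checked)
target_allowed() {
    case "$3" in
        DNAT)       [ "$1" = nat ] && { [ "$2" = PREROUTING ] || [ "$2" = OUTPUT ]; } ;;
        MASQUERADE) [ "$1" = nat ] && [ "$2" = POSTROUTING ] ;;
        *)          return 0 ;;
    esac
}

# check_rule ARGS...: pull -t/-A/-j out of an iptables argument list.
check_rule() {
    table=filter chain='' target=''        # no -t means the filter table
    while [ $# -gt 0 ]; do
        case "$1" in
            -t)    table=$2 ;;
            -A|-I) chain=$2 ;;
            -j)    target=$2 ;;
        esac
        shift
    done
    target_allowed "$table" "$chain" "$target"
}

# forward_rules IF PORT DEST [SRC_CIDR]: rules for the forwarding Linux box.
forward_rules() {
    src=${4:-0.0.0.0/0}
    echo "sysctl -w net.ipv4.ip_forward=1"
    # Rewrite the destination before routing: nat table, PREROUTING chain.
    echo "iptables -t nat -A PREROUTING -i $1 -s $src -p tcp --dport $2 -j DNAT --to-destination $3:$2"
    # The filter table only decides whether the rewritten packets may pass.
    echo "iptables -A FORWARD -d $3 -s $src -p tcp --dport $2 -m state --state NEW,ESTABLISHED -j ACCEPT"
    echo "iptables -A FORWARD -s $3 -p tcp --sport $2 -m state --state ESTABLISHED -j ACCEPT"
    # Same-LAN target: masquerade so replies return via this box, not the router.
    echo "iptables -t nat -A POSTROUTING -d $3 -p tcp --dport $2 -j MASQUERADE"
}

# rules_valid ARGS...: every generated iptables line must pass check_rule.
rules_valid() {
    forward_rules "$@" | while read -r cmd args; do
        [ "$cmd" != iptables ] || check_rule $args || exit 1
    done
}

forward_rules eth0 3389 192.168.0.105 203.0.113.0/24
```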