From: Dave Airlie (airlied at domain csn.ul.ie)
Date: Fri 25 May 2001 - 11:27:55 IST
> [root at domain pasteur /]# iptables -t nat -A PREROUTING -p tcp --dport 80 -i eth0 -j
> DNAT --to 192.168.1.6:80
well not sure you don't need the :80 on the end of to anyways for a start
.. just looking at the skynet.ie firewall rules, started out as a 10 line
iptables scripts, is now up to 116... :-)
do iptables -L PREROUTING -t nat
to get a listing of the PREROUTING tables..
Dave.
>
> but nothing - all incoming web requests are still serviced by external NIC
> and are not translated to the internal address
>
> oddly an iptables -L produces
>
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source destination
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
>
> as if there are no rules defined..
>
> What am I missing folks?
>
> Cheers,
>
> Fergal..
> P.S. If I wish to make these rules persistant across reboots - then where is
> the best place for them?
> --
> WASP Technologies
> http://www.wasptech.com
> Wireless Application Solutions Provider
>
>
-- David Airlie, Software Engineer http://www.skynet.ie/~airlied / airlied at domain skynet.ie pam_smb / Linux DecStation / Linux VAX / ILUG person
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:10:27 GMT