NetFilter
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

DNAT Problems

from [Rafael Paris] [Permanent Link][Original]
To: netfilter@lists.netfilter.org
Subject: DNAT Problems
From: "Rafael Paris" <raparis@gmail.com>
Date: Wed, 28 Feb 2007 10:33:19 -0400
Delivered-to: sp-com-lists@consult.net
Delivered-to: netfilter-list1@securepoint.com
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=j7/FIVknQVrNFX+8yfqAFZrHVddQhb8UoBoYVfgbzth80TCZ3NN6X2cDCI/XsWTW8tr4MwIm9GC0fE5pYTCzT3A/j+kM90xrOuwz3igY7VgNn+w5+TfS6T/Pd98tPQb11S2aUgdjU6vCmHTdJefyjnvf8bTriItKBvCxThwG5hQ=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=jill+zeBym95WY8QIqS52MoHJKlTW426DufNChP3TMBU97nWjc5E/MHABWjMNOlxtpozn3BOWKhdLvHbY2L2KFE7DUbjI3wPTkyjwLexyPEHH0VPaQUrGUO9JjHWGEpEo+qa8DleEuR0kuK/3Ondv84NIvnHKb5qijQPaOHM8ZM=
In-reply-to: <431a83ad0702280632w5c72b1d8rec20f41424b1927c@mail.gmail.com>
List-archive: </pipermail/netfilter>
List-help: <mailto:netfilter-request@lists.netfilter.org?subject=help>
List-id: General discussion and user questions <netfilter.lists.netfilter.org>
List-post: <mailto:netfilter@lists.netfilter.org>
List-subscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=subscribe>
List-unsubscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=unsubscribe>
References: <431a83ad0702280632w5c72b1d8rec20f41424b1927c@mail.gmail.com>
Sender: netfilter-bounces@lists.netfilter.org 
Good morning everyone...

I have been trying to have access to my internal mail server from
internet but always get connection timed out.
This is a very short set of rules being used for testing purposes with
no success:

iptables -P FORWARD ACCEPT
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT

iptables -t nat -A PREROUTING -p tcp -i ppp0 -d <external_fixed_ip>
--dport 110 -j DNAT --to-destination <internal_ip:110>
iptables -t nat -A PREROUTING -p tcp -i ppp0 -d <external_fixed_ip>
--dport 25 -j DNAT --to-destination <internal_ip:25>

iptables -t nat -A POSTROUTING -o ppp0 -j SNAT --to <external_fixed_ip>

I'm using one ethernet device with my lan ip address and I can reach
the mail server from this host.
My kernel is 2.6.19.2 with iptables 1.3.7

I also used these rules with kernel 2.4.34 and nothing.

Thanks in advanced for any comments.

Cheers,
Rafael
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Re IPv6 MARK support, Yasuyuki KOZAKAI
Next by Date:  Balancing two connections, D K
Previous by Thread:  Iptables: strange way of blocking UDP traffic, massimo bortolan
Next by Thread:  Re: DNAT Problems, Jan Engelhardt
Indexes:  [Date] [Thread] [Top] [All Lists]