Solved

Multiple IP Address with port forwarding

Posted on 2007-04-05
2
957 Views
Last Modified: 2013-12-16
I am using SME Server 7.1 (2.6.9 Kernel) as a gateway, and I have set up multiple IP addresses on one external facing network card, and I have one internal facing network card.  I would like to forward ports on to various servers on my network, i.e. X.X.X.17:80 goes to 192.168.0.1:80, X.X.X.18:80 goes to 192.168.0.2:80.  

In my /etc/rc.d/init.d/masq file, I have the following entries:
    /sbin/iptables --table nat --new-chain PortForwarding_$$
    /sbin/iptables --table nat --append PortForwarding_$$ --protocol tcp -d X.X.X.18/32 --destination-port 80 -j DNAT --to-destination 192.168.0.2:80
    adjust_tcp_in 80 ACCEPT ForwardedTCP_$$ 192.168.0.2/32

From what I understand, this should forward all incomming requests to X.X.X.18:80 to 192.168.0.2:80, but when I try to access this web site, it times out.

Can anyone explain what I am doing wrong, or how to go about doing this?

Many Thanks in advance.
0
Comment
Question by:rtwilde
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 27

Accepted Solution

by:
Nopius earned 500 total points
ID: 18872116
Standard table 'nat' has only 3 chains PREROUTING, OUTPUT and POSTROUTING. You have added 1 new chain and didn't referenced to it from any standard chain. Try to add a reference in a PREROUTING chain:
iptables --table nat -A PREROUTING -j  PortForwarding_$$
0
 

Author Comment

by:rtwilde
ID: 18875400
OK, this is what I found that works, this issue seemed to be exactly what Nopius desribed.
This forwards incomming http requests from external address X.X.X.17 to 10.1.88.10, and from X.X.X.18 to 10.1.88.11

iptables -I PREROUTING -t nat -p tcp --dport 80 -d X.X.X.17 -j DNAT --to 10.1.88.10
iptables -I FORWARD -p tcp -d 10.1.88.10 --dport 80 -i eth1 -o eth0 -j ACCEPT
iptables -A POSTROUTING -t nat -o eth1 -p tcp -s 10.1.88.10 -j SNAT --to-source X.X.X.17
iptables -I PREROUTING -t nat -p tcp --dport 80 -d X.X.X.18 -j DNAT --to 10.1.88.11
iptables -I FORWARD -p tcp -d 10.1.88.11 --dport 80 -i eth1 -o eth0 -j ACCEPT
iptables -A POSTROUTING -t nat -o eth1 -p tcp -s 10.1.88.11 -j SNAT --to-source X.X.X.18
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question