[LUG] iptables redirect
I'm getting some weird iptables behaviour - anyone got any ideas?
Some iptables snippets from a server I'm looking at...
So first, I want to accept port 2000 connections from a certain IP:
iptables -A INPUT -i eth1 -s $WORKSTATION -d $THIS_SERVER -p tcp --dport 2000 -j ACCEPT
Then I want to redirect 2000 to 3000 as the firewall in front of the
workstation doesn't allow port 3000 out:
iptables -t nat -A PREROUTING -i eth1 -s $WORKSTATION -p tcp --dport 2000 -j REDIRECT --to-port 3000
Now by default, I want to drop stuff I've not explicitly allowed. But
this is preventing the above working, unless I change DROP to DENY.
iptables -A INPUT -i eth1 -m state --state NEW,INVALID -j DROP
I'm sure there are some people with a better understanding of iptables
than me on here :)
Cheers,
Alex.
--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe. FAQ: www.dcglug.org.uk/linux_adm/list-faq.html
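
Added example, not part of the original post: a small Python model of the netfilter hook order that applies to the three rules above. The nat PREROUTING chain runs before the filter INPUT chain, so INPUT sees the packet after REDIRECT has rewritten the port. The addresses are constructed placeholders for $WORKSTATION and $THIS_SERVER, and the function names are hypothetical.

```python
# Toy model of the packet path for locally delivered traffic:
#   nat PREROUTING (REDIRECT)  ->  filter INPUT (ACCEPT / DROP)
# Constructed placeholder addresses standing in for the post's variables.
WORKSTATION, THIS_SERVER = "192.0.2.10", "198.51.100.1"


def nat_prerouting(pkt):
    """-t nat -A PREROUTING -i eth1 -s $WORKSTATION -p tcp --dport 2000
    -j REDIRECT --to-port 3000"""
    key = (pkt["iif"], pkt["src"], pkt["proto"], pkt["dport"])
    if key == ("eth1", WORKSTATION, "tcp", 2000):
        # REDIRECT rewrites the destination port (the destination address
        # becomes the incoming interface's address, already true here).
        return dict(pkt, dport=3000)
    return pkt


def filter_input(pkt, rules):
    """First matching rule wins; tuple values mean 'any of these'."""
    for match, target in rules:
        if all(pkt[k] in v if isinstance(v, tuple) else pkt[k] == v
               for k, v in match.items()):
            return target
    return "POLICY"  # fell through to the chain policy


def input_rules(accept_dport):
    """The post's two INPUT rules, with the accepted port as a parameter."""
    return [
        ({"iif": "eth1", "src": WORKSTATION, "dst": THIS_SERVER,
          "proto": "tcp", "dport": accept_dport}, "ACCEPT"),
        ({"iif": "eth1", "state": ("NEW", "INVALID")}, "DROP"),
    ]


def verdict(accept_dport):
    """Send the workstation's first SYN to port 2000 through both chains."""
    syn = {"iif": "eth1", "src": WORKSTATION, "dst": THIS_SERVER,
           "proto": "tcp", "dport": 2000, "state": "NEW"}
    seen_by_input = nat_prerouting(syn)
    return seen_by_input["dport"], filter_input(seen_by_input,
                                                input_rules(accept_dport))


if __name__ == "__main__":
    print("ACCEPT --dport 2000:", verdict(2000))  # rule as posted
    print("ACCEPT --dport 3000:", verdict(3000))  # matching the rewritten port
```

In this model the posted ACCEPT rule never matches, because INPUT only ever sees port 3000; matching `--dport 3000` in the INPUT rule lets the redirected connection through while keeping the DROP rule. iptables has no DENY target (it was an ipchains target), so a rule written with `-j DENY` fails to load, which would leave the drop rule absent.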