forwarding failure

Sun, 25 Jun 2000 17:31:49 +1000

In message <395197E5.C321AC53@oceania.net> you write:
> 
> I am trying to move some small servers behind a firewall
> but am not having a great deal of success. I can ping from the internal
> network
> (192.168.0.0) to the outside world but cannot get back in when i try to 
> setup small proxy on the internal net.
>  #Proxy
> $IPTABLES -A PREROUTING -t nat -p tcp -d 203.41.132.69:8080 -j DNAT --to
> 192.168.0.79:8080
> $IPTABLES -A PREROUTING -t nat -p udp -d 203.41.132.69:8080 -j DNAT --to
> 192.168.0.79:8080

Hmm... That's a trap if that passes the parser... it should be
	-d 203.41.132.69 --dport 8080

Also, (harmless) you don't need to specify the port in --to, since
DNAT will never change the port unless told to specifically.

Rusty.
--
Hacking time.