trouble with nat
geoffrey
geoffrey@ticom.com
Sat, 4 Nov 2000 15:42:03 -0600
--RhUH2Ysw6aD5utA4
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
I'm having a painful time doing NAT. I compiled all netfilter=20
stuff into the kernel - not modules. Now I am trying to move my webserver
behind the firewall. The address is: 216.60.122.2. I want to change it to
to: 192.168.0.101. So, I do and move the box. I check the routing tables,
and connectivity. I can see the gateway, and it appears okay. Now, on the
gateway I do:
=20
iptables -A PREROUTING -t nat -p tcp -d 216.60.122.2 --dport 80 -j DNAT \
--to 192.168.0.101:80
=20
and
=20
iptables -A OUTPUT -t nat -p tcp -d 216.60.122.2 --dport 80 -j DNAT \
--to 192.168.0.101:80
=20
Now, this should take care of the situation, correct? Well it doesn't.
When I try to reach the web server from either side - inside or outside
the firewall, I get nothing. When I run iptables -L I get the default
untouched entries of:
=20
Chain INPUT (policy ACCEPT)
target prot opt source destination
=20
Chain FORWARD (policy ACCEPT)
target prot opt source destination
=20
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
=20
Why does nothing show up? I shouldn't need to insmod anything since it's =
=20
all compiled in. Any ideas? Thanks for all help.
geoffrey
--=20
+++++++++++++++++++++++++++++++++++
Santa Claus,
the Tooth Fairy,
Windows 2000 ...
Some things you just outgrow.
++++++++++++++++++++++++++++++++++
Key fingerprint =3D=3D=3D> B83C C6E1 68F8 CEC9 8636 86B5 1F0E 9D33 E749 1B=
A6
Public key available upon request.
--RhUH2Ysw6aD5utA4
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.3 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE6BIKrHw6dM+dJG6YRAqoEAJ96YZcgbaMgeW8lv6jOAedBRJX2zgCgtwyw
6iyBGy4Pqihs9Ulzq0CKu3M=
=cZu7
-----END PGP SIGNATURE-----
--RhUH2Ysw6aD5utA4--