How to "force" the firewall to listen to unused ports?
Whit Blauvelt
whit@transpect.com
Fri, 21 Dec 2001 13:47:33 -0500
On Fri, Dec 21, 2001 at 04:17:01PM -0200, Bruno Negr?o wrote:
> iptables -P INPUT ACCEPT
> iptables -t nat -A PREROUTING -i $EXTERNAL_INTERFACE -p tcp --dport 80 -j
> DNAT --to-destination 192.168.13.2:80
Where is that in your rules? It should work if some other rule hasn't
pre-empted it.
I have a rule that's close to equivalent to yours working fine:
iptables -t nat -A PREROUTING -p tcp -d $EXT_IP --dport 80 -j DNAT --to $INT_IP
Are you MASQUERADING or SNATing the internal server back to the Net?
Whit