Problems with PREROUTING

Rimantas Mocevicius rmocius@auste.elnet.lt
Mon, 7 Jan 2002 20:24:36 -0000 

This is a multi-part message in MIME format.

------=_NextPart_000_0069_01C197B9.53928620
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hi folks,


I have the Firewall and Web servers.
I use PREROUTING to forward from external IP to internal IP this =
command:

 iptables -t nat -A PREROUTING -i $EXTERNAL_INTERFACE -p tcp -d =
$EXTERNALIP --dport 80 \
                                 -j DNAT --to-destination =
10.105.105.198:80
and tried to add this:
 iptables -t nat -A PREROUTING -i $LOCAL_INTERFACE_1 -p tcp -d =
$EXTERNALIP --dport 80 \
                                 -j DNAT --to-destination =
10.105.105.198:80

Everything works fine except I can't open my web page from internal =
network.

Any ideas?



Cheers

Regards

Rimas


------=_NextPart_000_0069_01C197B9.53928620
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2712.300" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>Hi folks,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>I have&nbsp;the Firewall and Web=20
servers.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>I use PREROUTING&nbsp;to forward from =
external IP=20
to internal IP this command:</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>&nbsp;iptables -t nat -A PREROUTING -i=20
$EXTERNAL_INTERFACE -p tcp -d $EXTERNALIP --dport 80=20
\<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=20
-j DNAT --to-destination 10.105.105.198:80</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>and tried to add this:</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>&nbsp;iptables -t nat -A PREROUTING -i=20
$LOCAL_INTERFACE_1 -p tcp -d $EXTERNALIP --dport 80=20
\<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=20
-j DNAT --to-destination 10.105.105.198:80<BR></FONT></DIV>
<DIV><FONT face=3DArial size=3D2>Everything works fine except I can't =
open my web=20
page from internal network.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>Any ideas?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>&nbsp;</DIV></FONT>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>Cheers</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>Regards</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>Rimas</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>&nbsp;</DIV></FONT></BODY></HTML>

------=_NextPart_000_0069_01C197B9.53928620--