Robert wrote:
> Hi,
> I have a problem with port forwarding on my system. I read FAQ (1f) and
> still have a problem.
> My system is:
>
> 1) Linux box with shorewall and two interfaces:
> a) eth1 with public IP a.b.c.X
> b) eth0 with private IP 192.168.1.5
>
> 2) Fortigate router with:
> a) WAN interface a.b.c.Y
> b) INT interface IP 192.168.1.1
>
> default public gateway for both is a.b.c.Z
>
> Fortigate has a DHCP server and it sets the default route via 192.168.1.1
> for clients from network 192.168.1.0.
>
> I want to forward port 80 from Linux box (a.b.c.X) to 192.168.1.10 port 80.
> As I mentioned, I read FAQ (1f), so I made this:
>
> In rules
>
> DNAT net loc:192.168.1.10 tcp 80 - a.b.c.X
>
> In masq:
>
> eth0:192.168.1.10 0.0.0.0/0 192.168.1.5 tcp 80
>
> But it does not work. No port forward and no info in syslog. Can
> somebody tell me what I am doing wrong?
>
Looks like you are doing everything correctly on the Shorewall box. Have
you followed the port forwarding debugging tips in Shorewall FAQs 1a and
1b? Have you looked for forwarded traffic on eth0 with tcpdump or Wireshark?
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
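
As an added illustration (not part of the original thread and not Shorewall code), the following Python model traces a port-80 request through the DNAT rule and masq entry quoted above, showing which source and destination addresses a capture on eth0 should contain and which path the server's reply takes. The client address 203.0.113.7 and all function names are assumptions made for the example; the server's routing is modelled simply as on-link versus default gateway.

```python
import ipaddress

# Addresses from the thread; CLIENT is a constructed sample (documentation range).
LAN = ipaddress.ip_network("192.168.1.0/24")
FW_PUBLIC, FW_LAN = "a.b.c.X", "192.168.1.5"
SERVER, SERVER_DEFAULT_GW = "192.168.1.10", "192.168.1.1"  # gateway = Fortigate
CLIENT = "203.0.113.7"


def forward(src, dst, dport, masq):
    """Apply the DNAT rule, then (optionally) the masq entry, as the packet leaves eth0."""
    if dst == FW_PUBLIC and dport == 80:
        dst = SERVER        # rules: DNAT net loc:192.168.1.10 tcp 80 - a.b.c.X
        if masq:
            src = FW_LAN    # masq: eth0:192.168.1.10 0.0.0.0/0 192.168.1.5 tcp 80
    return src, dst


def reply_next_hop(reply_dst):
    """Server routing decision: on-link destinations go direct, the rest to the default gateway."""
    on_link = ipaddress.ip_address(reply_dst) in LAN
    return reply_dst if on_link else SERVER_DEFAULT_GW


def trace(masq):
    """Return what a capture on eth0 should show and whether the reply returns via the Shorewall box."""
    src, dst = forward(CLIENT, FW_PUBLIC, 80, masq)
    hop = reply_next_hop(src)  # the reply is addressed to the request's source
    return {"eth0_src": src, "eth0_dst": dst, "reply_via": hop,
            "nat_reversed": hop == FW_LAN}


if __name__ == "__main__":
    for masq in (False, True):
        print("masq" if masq else "no masq", trace(masq))
```

With the masq entry in effect, forwarded packets on eth0 should carry source 192.168.1.5 and destination 192.168.1.10; if the capture shows the original client address as the source instead, the server's reply leaves through 192.168.1.1 and never passes back through the Shorewall box.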