search for: dnat

Displaying 20 results from an estimated 820 matches for "dnat".

Did you mean: dat
2003 Aug 28
5
Router for giving more than 1 ip
...interfaz de la red local iptables --append FORWARD --in-interface eth0 -j ACCEPT #activamos el forward echo 1 > /proc/sys/net/ipv4/ip_forward #reglas para enrutado de paketes... #1.- redirecciona las peticiones del puerto 21 a mi pc iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 21 -j DNAT --to 192.168.0.16:21 iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 143 -j DNAT --to 192.168.0.16:143 iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 993 -j DNAT --to 192.168.0.16:993 iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 995 -j DNAT --to 192.168.0.16:995 iptables -t n...
2004 Aug 10
11
who gives access? was: why ADD_DNAT_ALIASES missing?
...file: <external ip> eth0:5 <internal ip> allow connection from BOTH <internal ip> (local zona) to the net zone (eth0''s zone) and from the net zone to the <internal ip>? or should i also have to add these to the rules file? - if the above two is not true tha why the DNAT rules do so? something similar like dnat- would be useful (just the opposite for masw and nat). - if there is dnat rules why there is not snat? i try to read all doc but these are not documented very well. some kind of advanced documentation would be useful for those how know the ip and iptables c...
2004 Sep 10
1
Is ProxyARP or NAT entries really neccesary for DNAT to work?
I have been trying to get DNAT to work and I actually have succeeded too, however, not how I thought it would work when reading through the documentation. 1. No matter what I do I cannot get DNAT to work unless I have an entry in eiter the nat or the proxyarp file. Is that really how it''s supposed to be? I can''...
2004 Sep 14
1
start error "invalid interface" on shorewall 2.08
...l protected network and host two servers in a DMZ providing http / imap/ snmp / dns services. The router''s eth0 will be assigned the public address of 66.17.65.22 and an alias eth0:0 with address of 66.17.65.161. Conceptually SERVER #1 will have a local address: 192.168.202.7 and receive DNAT for public address 66.17.65.22 and SERVER #2 will have local address: 192.168.202.8 and recieve DNAT for public address 66.17.65.161. The local pc''s on the local interface will receive SNAT sharing the public address 66.17.65.161 (I didn''t use proxy-arp because I only have two ad...
2005 Mar 18
6
Fowarding through networks
1 small question i have 4 network cards on my firewall eth0 inet eth1 internel network eth2 customer network eth3 freeswan vpn is there a way that i can connect the eth2 and eth1 network together so that i can access the servers off eth1 from eth2? Marshal McInnis Tech / Web Designs 1-205-344-4455 Ext 208
2004 Apr 01
5
DNAT PPTP questions
I have two/three PPTP servers on my network and each one of them are on their own subnet and I want to be able to send traffic to each and everyone. My rules file entry is as follows DNAT net loc:1.1.1.1 tcp 1723 DNAT net loc:1.1.1.1 47 and DNAT net loc:2.2.2.2 tcp 1723 DNAT net loc:2.2.2.2 47 however all the traffic only goes to 1.1.1.1 because its the first DNAT entry. I tried the option DETECT_DNAT_IP=Yes did not help either. Any ideas? Krish
2008 Oct 01
2
DNAT Issue
...up a web farm test lab. I have a number of machines in the test last on a dmz zone on network 10.20.30.0. The test lab firewall has two NICS. One (eth0) has two ip addresses, eth0 10.161.101.40 and eth0:0 10.161.10.49. The other one, eth1 is on a private network, 10.20.30.0. I want to use DNAT to allow test engineers to ssh into the machines in the web farm. I have included the following rules. Pound is running and listening on port 80 and 443 of the firewall. #SECTION NEW ACCEPT net $FW tcp 22 Ping/ACCEPT net $FW:10.161.10...
2005 Jan 25
2
DNS, DNAT and Notifies
...th2 detect vpn1 tun1 192.168.124.255 zones net Net Internet loc Local Local networks dmz DMZ Demilitarized zone vpn1 Tunnel1 Tunnel to LA masq eth1 eth0 To allow the Phoenix DNS server to respond, I added the following to rules: DNAT net loc:172.16.10.241 udp 53 - 12.47.198.108 DNAT net loc:172.16.10.241 tcp 53 - 12.47.198.108 This works fine except that notifies from the Phoenix DNS server to otehrs appear to be from 12.47.198.100 instead of 12.47.198.108. I tried adding the following to rules but the masquerade rule...
2004 Jan 21
3
FW: DNAT and masq problem with kernel 2.4.23
Hi, after kernel upgrade to 2.4.23 my existing configuration of shorewal 1.4.8 will not start / it fail on DNAT and/or masq with message: "iptables: Invalid argument" / I founded some similar problems description - see links bellow, but there is no solution how to get work shorewall with DNAT and masq with 2.4.23 kernel. http://www.ussg.iu.edu/hypermail/linux/kernel/0312.0/0268.html http://lists...
2013 Sep 10
4
[Bug 850] New: DNAT applied even after deleting the IP Tables DNAT Rule
https://bugzilla.netfilter.org/show_bug.cgi?id=850 Summary: DNAT applied even after deleting the IP Tables DNAT Rule Product: iptables Version: 1.4.x Platform: All OS/Version: All Status: NEW Severity: major Priority: P5 Component: iptables AssignedTo: ne...
2006 Feb 21
1
[Bug 452] New: DNAT to internal network don't work with source routing and 2 uplinks
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=452 Summary: DNAT to internal network don't work with source routing and 2 uplinks Product: netfilter/iptables Version: linux-2.6.x Platform: i386 OS/Version: Debian GNU/Linux Status: NEW Severity: normal Priority: P2...
2005 Nov 25
1
2 WAN links and DNAT
Hi Here is a short description of my network: ppp0 (adsl) ppp1 (adsl) | | | | --------------------- | Router | | Firewall | | MASQUERAD | | DNAT | | | | eth0 | --------------------- | | | ---------------------- | | Local Web and Mail Network Server I forward all incoming connection for http and SMTP to my server by us...
2003 Jan 14
3
Shorewall-1.3.13
Just some stuff that was laying around in CVS: 1. Added ''DNAT-'' target. 2. Print policies in ''check'' command. 3. Added CLEAR_TC option. 4. Added SHARED_DIR option. [teastep@wookie Shorewall]$ cat releasenotes.txt This is a minor release of Shorewall that has a couple of new features. New features include: 1) A new ''DN...
2004 Sep 02
3
Fwd: Bug#268999: shorewall: Allow action templates to use DNAT target
...nd I''m very happy with it. That said, it looks like one of the concepts could be taken a bit further. In this case, it is actions. To get the process started, I filed this bug in the Debian BTS: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=268999 >Allow action templates to use DNAT target: > > >Package: shorewall >Version: 2.0.7-2 >Severity: wishlist > >Adding this feature would enable you to make a rule like > >Action net dmz:192.0.2.177 tcp 25 > >that forwards multiple ports with DNAT targets as needed in the action file. &gt...
2005 Jun 22
0
Issue migrating from 1.4.6c to 2.4.0 with all zone in DNAT rule
Hi all, net : internet zone dmz : DMZ zone Lan : local network zone in 1.4.6c this rule : DNAT all lan:10.0.0.1 tcp http - 192.0.0.1 does generate the following iptables rules in nat table : Chain OUTPOUT DNAT tcp -- 0.0.0.0/0 192.0.0.1 tcp dpt:http to:10.0.0.1 Chain net_dnat DNAT tcp -- 0.0.0.0/0 192.0.0.1 tcp dpt:http to:10.0.0.1 Chain dmz_dn...
2005 Apr 27
1
Problems with DNAT
Hi, i''m a shorewall users and i have the following problem: I have one class C range of IP''s and i have three zones (net, dmz , loc) I need create one rule to dnat one valid ip address (but not in use in one computer) to one invalid host in my loc zone. How i do? I try this: DNAT net:200.200.200.200 dmz:200.193.137.38 tcp 137,138,139,445 - 200.200.200.200 DNAT dmz:200.200.200.200 loc:192.168.0.4 tcp...
2007 Sep 25
1
DNAT PREROUTING issue with iptables
Hi, I have an DNAT ISSUE with PREROUTING. This is my setup. I have 2 firewalls running iptables. Pls asume 1.2.3.4/29 is the internet interace of FIRST firewall. 2.3.4.5/29 is the internet interface of SECOND firewall. it has DMZ zone. in that DMZ zone, mail server runnig @ 192.168.100.3 Now I want to DNAT port 2...
2005 Dec 14
2
DNAT config not working
I am having a problem that I really just don''t get.... I have this in my rules file: DNAT net loc:192.168.1.2 tcp 21 21 Everything worked fine earlier today.. Now it is dropping packets destined for Port 21 /var/log/messages: Dec 14 00:36:39 pcp08479598pcs kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:0b:6a:3f:e6:72:00:01:5c:22:92:42:08:00 SRC=24.210.36.92 DST=68.57.216.61 LE...
2007 Mar 07
4
PREROUTING - DNAT with iptables for an ASTERISK BOX
Hi, I am running a ASTERISK BOX behind a firewall. It is at DMZ . Now I want to connect to my ASTERISK BOX from Internet. So I want to DNAT. How can I do it? Pls assume that ip address that connects to Internet on firewall is 1.2.3.4and is attached to eth0. And ASTERISK BOX is 192.168.101.23 Then, What is the rule (PREROUTING) for it? What is the port to DNAT? I think udp 5060. So I have added below 2 rules . But it does not work at...
2004 Oct 28
6
Problems with Port Forwarding
Hello all, Running the "ancient" 1.4.7-RC1 version I have a problem with port forwarding. I have for a number of external fixed IP addresses forwarding to an internal terminal server - this works :-) DNAT net:111.22.33.44 loc:192.168.1.11 tcp 3389 DNAT net:222.33.44.55 loc:192.168.1.11 tcp 3389 Now I need to forward port 80 from one external address to an internal test web server, so I figured I''d do this DNAT net:111.22.33.44 loc:192.168.1.76:80 tcp...