I have serwer on local machine on port 8000, i want to redirect all asks from internet to my 217.96.90.134 on 8000 port to my local computer 192.168.1.6 on 8000 port, because serwer is on 192.168.1.6, not on 217.96.90.134. I have made rule : DNAT net loc:192.168.1.6:8000 tcp 8000 but it is not working, no one can connect from internet to my local machine serwer, please help me
On Wed, 2003-11-19 at 11:31, viuwier wrote:> I have serwer on local machine on port 8000, i want to redirect all asks > from internet to my 217.96.90.134 on 8000 port to my local computer > 192.168.1.6 on 8000 port, because serwer is on 192.168.1.6, not on > 217.96.90.134. > > I have made rule : > DNAT net loc:192.168.1.6:8000 tcp 8000 > > but it is not working, no one can connect from internet to my local > machine serwer, please help mePlease see FAQs 1b and 1c; they give tips on troubleshooting these types of problems. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
On Wed, 2003-11-19 at 11:39, Tom Eastep wrote:> Please see FAQs 1b and 1c; they give tips on troubleshooting these types > of problems.Sorry -- make that "1a" and "1b" (can''t remember my own naming convention). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
On Wed, 2003-11-19 at 13:38, viuwier wrote:> > Please see FAQs 1b and 1c; they give tips on troubleshooting these types > > of problems. > > I have read it, it is Shoutcast serwer on local machine (192.168.1.6) > and still can''t connect form internet, it is running on 8000 port but > it is needed also 8001 to work. > > 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8000 to:192.168.1.6:8000 > 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8001 to:192.168.1.6:8001So -- you have shown that the requests aren''t reaching those rules. Your firewall can''t forward requests that it doesn''t get. Try "tcpdump -ni <your external interface> port 8000" -- do you get any output when someone tries to connect? -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
On Wed, 2003-11-19 at 13:55, Tom Eastep wrote:> Try "tcpdump -ni <your external interface> port 8000" -- do you get any > output when someone tries to connect? >For example, if your internet interface is eth0 then: tcpdump -ni eth0 port 8000 -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net