Displaying 20 results from an estimated 7000 matches similar to: "DNAT not working"
2010 Mar 17
2
DNAT Problem
Hi everyone!
I''m having time out problems when using a DNAT rule.
Rule:
DNAT:info cmtc loc:192.168.0.158 tcp 8011
Log:
Mar 17 17:50:17 gw kernel: [1583997.524924]
Shorewall:cmtc_dnat:DNAT:IN=eth3 OUT= SRC=10.1.0.2 DST=10.0.0.2 LEN=60
TOS=0x10 PREC=0x00 TTL=62 ID=4279 DF PROTO=TCP SPT=32791 DPT=8011
WINDOW=5840 RES=0x00 SYN URGP=0
Telnet:
root@emudar:~# telnet
2003 Mar 30
10
[Bug 71] dnat breaks connection tracking?
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=71
------- Additional Comments From laforge@netfilter.org 2003-03-30 21:18 -------
First of all: You didn't even specify the particular kernel version you are
running, not even mentioning which versions of which patches you are using (if
any).
Secondly, I don't see anything strange in this setup. DNAT with FTP sessions
2013 Oct 08
5
Shorewall dropping packets that should be forwarded
I had to restart one of my routers tonight and since then shorewall on
it has been dropping SIP packets coming in from one machine instead of
forwarding them to the freebpx server.
Shorewall:net2all:DROP:IN=eth0 OUT= MAC=<removed> SRC=<my home network
external ip> DST=<server network external ip> LEN=575 TOS=0x00
PREC=0x20 TTL=78 ID=230 PROTO=UDP SPT=5061 DPT=5060
2011 Apr 15
1
Proxyarp vs DNAT
Hello list,
I am in the process of switching from IPCOP to Shorewall s the firewall
for our small office. I very much like the fact that Shorewall runs on
top of the same OS (openSuSE 11.4) that I run on the server and my desktop.
Our setup is fairly straightforward. We have 8 static ip addresses from
our ISP, which provides a cable modem and a Cisco 800 series router.
The ip addresses are
2013 Sep 10
4
[Bug 850] New: DNAT applied even after deleting the IP Tables DNAT Rule
https://bugzilla.netfilter.org/show_bug.cgi?id=850
Summary: DNAT applied even after deleting the IP Tables DNAT
Rule
Product: iptables
Version: 1.4.x
Platform: All
OS/Version: All
Status: NEW
Severity: major
Priority: P5
Component: iptables
AssignedTo: netfilter-buglog at
2007 Mar 02
8
DNAT and Load Balancing
Hi all!
After that good thread "DGD patch not detecting dead gateway" I was
able to set up a Load Balancing with ping based DGD (without Julian
Anastasov patch). But now I''m facing a new problem and tried some
options, with only partial solutions.
I made a script based on
http://www.mail-archive.com/lartc@mailman.ds9a.nl/msg16257.html (Thank
you Manish Kathuria),
2007 Mar 04
13
[Bug 552] Strange DNAT behaviour... packet don't pass to PREROUTING and go directly in INPUT !!
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=552
------- Additional Comments From cbettero@ciditech.it 2007-03-04 21:48 MET -------
This problem prevents AJAX web sites to be hosted on the internal web server,
because many packets will be dropped instead of passing into PREROUTING chain...
--
Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
2007 Jan 30
2
dev IFB, few questions
I''ve made some tests...
eth2 is my internal interface, LAN is connected here.
Before I had IMQ device in AB mode...
PREROUTING [A]fter NAT, POSTROUTING [B]efore NAT.
I want the same situation on ifb.
I do this in this way:
---
# incoming traffic here from LAN is before NAT
tc qdisc add dev eth2 handle ffff: ingress
# outcoming traffic here from WAN is after NAT
tc qdisc add dev eth2
2005 Jun 21
2
How to establish connection on port 80 eth0 when using shorewall???
log message :
Jun 21 17:22:04 antares kernel:
Shorewall:net2fw:ACCEPT:IN=eth0 OUT=
MAC=00:04:23:b6:f4:68:00:0f:cc:0c:55:00:08:00
SRC=213.41.177.48 DST=192.168.1.11 LEN=60 TOS=0x00
PREC=0x00 TTL=60 ID=23492 DF PROTO=TCP SPT=50859
DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
The server listening on 192.168.1.11 port 80 receives
nothing. Is there any explanation??????
Thanks in advance for your help
2008 Mar 30
7
FTP DNAT not working - "Server sent passive reply with unroutable address"
Hi all!
I am a long time lurker, but have not posted until now.
My old trusted firewall machine broke a couple of weeks ago and I replaced it
with a XEN domU that is using DNAT and has two interfaces. The firewall domU and
the FTP server domU are both guests on the same dom0. All three machines are
running Debian/etch (stable) and Shorewall has version 3.2.6.
I can''t get FTP to work
2005 Nov 25
1
2 WAN links and DNAT
Hi
Here is a short description of my network:
ppp0 (adsl) ppp1 (adsl)
| |
| |
---------------------
| Router |
| Firewall |
| MASQUERAD |
| DNAT |
| |
| eth0 |
---------------------
|
|
|
----------------------
|
2010 Apr 12
21
Using the limit action on a DNAT rule to prevent DoS attackson a specific port
Hi there.
I''m reading and reading through the doc''s and previous posts, but cannot
seem to find what I''m looking for. I want to create a rule that prevents DoS
and maybe even DDoS attacks against a specific port. The current rule looks
like this (the PORT''s and IP''s are dummies of course):
#ACTION SOURCE DEST
2003 Mar 28
9
Squid
I''m attempting to setup Squid as shown on:
http://shorewall.sourceforge.net/Shorewall_Squid_Usage.html#DMZ
The firewall is a Bering 1.0 firewall running Shorewall 1.3.11, Red Hat
7.2 on the server in the DMZ. I''m not seeing the requests come in to the
server using tcpdump. The server is 192.168.2.1 connecting to eth2 on the
firewall, the local traffic I''m trying to
2005 Jul 07
4
DNAT with 2 ISP''s
Hi,
I have 2 internet nic''s with differents ISPs.
eth0 = isp1
eth3 = isp2
My internal network is eth1
# /etc/interfaces
net eth0 detect routefilter,norfc1918,blacklist
net eth3 detect routefilter,norfc1918,blacklist
loc eth1 detect
# /etc/policy
loc net ACCEPT
net net DROP
2005 Dec 14
2
DNAT config not working
I am having a problem that I really just don''t get....
I have this in my rules file:
DNAT net loc:192.168.1.2 tcp 21 21
Everything worked fine earlier today.. Now it is dropping packets destined
for Port 21
/var/log/messages:
Dec 14 00:36:39 pcp08479598pcs kernel: Shorewall:net2all:DROP:IN=eth0 OUT=
MAC=00:0b:6a:3f:e6:72:00:01:5c:22:92:42:08:00 SRC=24.210.36.92
DST=68.57.216.61
2006 Aug 03
28
[Bug 498] RTP packets are not hitting NAT table
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=498
cfilin@intermedia.net changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |chip@innovates.com
--
Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are
2004 Sep 30
2
2 DSL link, DNAT & SNAT
Sorry for the long descritpion of the problem, I''d like to know If I
misunderstand something or if I meet an intrinsic limit of my setup.
217.58.51.162 HDSL eth1 - SRV_XP: 192.168.254.10
eth0: 192.168.254.1 -----+------------------+-------
81.121.243.250 ADSL eth3 -
I want to allow incoming pptp request (port 1723) to be forwarded to
srv_xp
2004 Sep 22
3
Strange DNAT problems with shorewall 1.4.8
I''ve had some issues with my network, and I''ve had to reconfigure my
Gibraltar CD. It runs shorewall 1.4.8, and I have a 2-interface setup, so
I downloaded the relevant files from the install page.
Masq and such works, but I''m having a problem with my port forwarding. It
works for port 22, but it doesn''t seem to work for any other port.
I''ve turned
2012 Sep 05
2
DNAT issue
Hi,
Sorry, not an experienced shorewall user, this is my first basic setup.
This starts to drive me crazy.
I wanted to use DNAT to forward port 33890 to an internal machine (windows)
port 3389. To reach my workstation when I''m not home.
In my rules :
DNAT:debug net loc:192.168.0.11:3389 tcp 33890 -
pub.lic.ip.add
#SECTION BLACKLIST
#well known port scans
DROP net
2005 Jul 14
7
Losing Packets after a DNAT in prerouting
I''m trying to setup some DNAT and the packets seem to be disappearing after
the PREROUTING step. The packets are coming in eth2 (both LOG targets in
iptables and tcpdump confirm this). They are then DNATed to an IP that
should cause them to go out eth3. However I never see them go out that
interface. I have tried putting LOG rules into the FORWARD chain with no
success. I''m