Fedora Users — Re: Using iptables to foward vnc

Re: Using iptables to foward vnc

Date Prev

Date Next

Thread Prev

Thread Next

Date Index

Thread Index

To: Brad Smith <usernamenumber@xxxxxxxxx>, For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

Subject: Re: Using iptables to foward vnc

From: "Christopher K. Johnson" <ckjohnson@xxxxxxx>

Date: Thu, 16 Sep 2004 08:41:34 -0400

Cc:

In-reply-to: <[email protected]>

References: <[email protected]>

Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.2) Gecko/20040803

Brad Smith wrote:

The packets hit PREROUTING and FORWARD, but not INPUT or OUTPUT, as expected. All chains on the gateway ACCEPT by default The firewall on the client and vnc server is down

With iptables forwarded packets would not hit the INPUT or OUTPUT chains. That was only true of ipchains.

Given Kenneth's observation about interfaces I would double-check the address in the nat rule, and I would verify that the interface connecting to the vnc server is correctly addressed and masked to include that address. My guess is that one of those is wrong and the gw is trying to deliver the nat'd packets via its default gateway.

Chris

--
-----------------------------------------------------------
  "Spend less!  Do more!  Go Open Source..." -- Dirigo.net
  Chris Johnson, RHCE #807000448202021