Re: Re: SV: SV: Port forwarding

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: fedora-list@xxxxxxxxxx
Subject: Re: Re: SV: SV: Port forwarding
From: Andy <ag1234@xxxxxxxxx>
Date: Tue, 25 Jan 2005 14:02:17 +0100
List-archive: <https://www.redhat.com/archives/fedora-list>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041217

Andre Speelmans wrote:
> AFAIK the SSL-certificate is not bound to an IP-address, so this
> should not give you any problem.

Right.

> This last one should read:
> iptables -t nat -A POSTROUTING -p tcp --sport 80 -s 65.114.4.69 \
>         -j SNAT --to-source <your external IP address on this machine>

NO! that doesn't make sense. In http/https connections, the source port
is an arbitrary high port, and the _destination_ port is 80/443.

In order to forward the https trafic either change "80" to "443" end up with 4 lines, 2 PREROUTING and 2 POSTROUTING or use the multiport extension: "-m multiport --dports 80,443" in both lines of the original example.

/Andy

Follow-Ups:
- Re: SV: SV: Port forwarding
  - From: Andre Speelmans

Prev by Date: Re: Redhat-config-xfree86
Next by Date: file system errors for password file
Previous by thread: Re: SV: SV: Port forwarding
Next by thread: Re: SV: SV: Port forwarding
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]