On Tuesday 25 January 2011 06:16 PM, Jorge Fábregas wrote: > On 01/25/2011 08:17 AM, Jatin K wrote: >> but server is not forwarding the packets to the web server > Besides the NAT rule, you'll need a forward rule (as that traffic is not > for the machine hosting the firewall). I think you'll need something like: > > iptables -A FORWARD -d 192.168.131.131 -p tcp --dport 80 -j ACCEPT > > ...and of course check the firewall on the web-server to allow incoming > TCP/80. > > -- > Jorge I've done the following [1] echo 1 > /proc/sys/net/ipv4/ip_forward ( enabled ip forwarding ) [2] iptables -A FORWARD -d 192.168.131.131 -p tcp --dport 80 -j ACCEPT [3] iptables -t nat -A PREROUTING -d xx.xx.xx.xx -p tcp --dport 80 -j DNAT --to-destination 192.168.131.131 port 80 is opened on the web server I'm able to access the web -page from internal systems as well as from the firewall it self through elinks but not able to access the web-page from Internet ( means firewall system is not forwarding the packets to the web server ) I've also tried following rule in firewall for SNAT iptables -t nat -A POSTROUTING -s 192.168.131.131 -j SNAT --to-source xx.xx.xx.xx but it fails what do I need to check further .... what other configuration do I need ?? Thnx -- °v° /(_)\ ^ ^ Jatin Khatri Registerd Linux user No #501175 www.counter.li.org No M$ -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
