Re: iptables and NAT

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2011-01-25 at 19:33 +0530, Jatin K wrote:
> I've tested this function through other ISP  ( from my other branch ) 
> .... and also checked it from my phone on 3G network

Then, you've got several things to think about:

Firewall.  Is it getting in the way, before or after the NAT rule?

Is there something before your computer (e.g. a modem/router)?  Does it
need configuring to let it through.

Is your webserver listening for connections on all interfaces?

Once you get it going, I'd go back and refine your NAT rule.  Do you
want all ports to be NATed through, or just port 80?

By way of example, I've just copied (below) a few rules that I have on
an old Fedora box, back from when I was using dial-up.  Those narrowed
down connections to only TCP, particular TCP port numbers, particular
interfaces, and/or particular source addresses.


iptables --table nat --append PREROUTING --protocol tcp --destination-port 80 --jump DNAT --to-destination 192.168.1.1:80

iptables --table nat --append PREROUTING --protocol tcp --in-interface ppp+ --source 2.3.4.5 --destination-port 80 --jump DNAT --to-destination 192.168.1.1:80

iptables --table nat --append PREROUTING --protocol tcp --in-interface ppp+ --source 0.0.0.0/0 --destination-port 443 --jump DNAT --to-destination 192.168.1.6:443

-- 
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.



-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux