[Firewall] HTTPS port forwarding to vlan

Romy Roma bouroy at googlemail.com
Sat Mar 27 23:14:58 CET 2010

I am new to arno iptables firewall and cannot get port forwarding to work
from my internet interface eth0 to an internal vlan, say dummy0:105.

I expected that putting something like this in the config would do the job:

NAT_FORWARD_TCP="443>10.120.xxx.105~8543 80>10.120.xxx.105~8180"
1. Forward incoming HTTPS requests to IP 10.120.xxx.105 on port 8543
2. Forward incoming HTTP requests to IP 10.120.xxx.105 on port 8180

But there is no reply from the server.

In the log:
AIF:UNPRIV connect attempt: IN=eth0 OUT= MAC=xxxx SRC=91.64.138.xx DST=10.120.xxx.105 LEN=60 TOS=0x08 PREC=0x00 TTL=54 ID=14473 DF PROTO=TCP SPT=32974 DPT=8543 WINDOW=5840 RES=0x00 SYN URGP=0

But if I turn off the arno iptables and execute the following iptables rule, it
works fine:

iptables -t nat -A PREROUTING -s ! 10.120.xxx.0/23 -m tcp -p tcp --dport 443 -j DNAT --to-destination 10.120.xxx.105:8543

Am I missing something in the configuration?

Any help is welcome, please.
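
Added example (not part of the original post and not code from the firewall project): a small Python parser that relates the logged packet above to the NAT_FORWARD_TCP entries. It handles only the ext>ip~port form shown in the post, and the function names are hypothetical.

```python
# Sample values are copied from the post; the "xxx" octets are redacted
# there, so addresses are compared as opaque strings.
NAT_FORWARD_TCP = "443>10.120.xxx.105~8543 80>10.120.xxx.105~8180"
LOG_LINE = ("AIF:UNPRIV connect attempt: IN=eth0 OUT= MAC=xxxx SRC=91.64.138.xx "
            "DST=10.120.xxx.105 LEN=60 TOS=0x08 PREC=0x00 TTL=54 ID=14473 DF "
            "PROTO=TCP SPT=32974 DPT=8543 WINDOW=5840 RES=0x00 SYN URGP=0")
TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG"}


def parse_forwards(spec):
    """Map (target_ip, target_port) -> external port for 'ext>ip~port' entries."""
    targets = {}
    for entry in spec.split():
        ext_port, _, dest = entry.partition(">")
        ip, _, int_port = dest.partition("~")
        targets[(ip, int(int_port))] = int(ext_port)
    return targets


def parse_log(line):
    """Split a netfilter LOG line into KEY=value fields and bare TCP flags."""
    fields, flags = {}, set()
    for token in line.split():
        key, sep, value = token.partition("=")
        if sep and key.isupper():
            fields[key] = value          # "OUT=" yields an empty string
        elif token in TCP_FLAGS:
            flags.add(token)
    return fields, flags


def diagnose(line, spec):
    """Relate one logged packet to the configured forwards."""
    fields, flags = parse_log(line)
    ext_port = parse_forwards(spec).get((fields["DST"], int(fields["DPT"])))
    return {
        # DST/DPT equal a forward target: the DNAT rewrite ran before logging.
        "matches_forward_target": ext_port is not None,
        "original_port": ext_port,
        # FORWARD-chain log lines carry both IN= and OUT= interfaces.
        "has_out_interface": bool(fields.get("OUT")),
        "new_connection": "SYN" in flags and "ACK" not in flags,
    }


if __name__ == "__main__":
    print(diagnose(LOG_LINE, NAT_FORWARD_TCP))
```

For the line in the post this reports that the destination had already been rewritten from port 443 to 8543, and that the packet was logged with an empty OUT= field, which means it was not logged in the FORWARD chain.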

