[Techtalk] iptables NAT forwarding...

Walt pippin at freeshell.org
Wed Jun 5 08:41:26 EST 2002


Conor Daly wrote:

>I wrote:
> > > All I'm trying to do is forward a connection
> > > to port 2346 on my server's external iface to
> > > an internal computer on the same port.
> > >
> > > My iptables command is simply this:
> > > iptables -A INPUT -p udp --dport 2346 -d [EXT_IP] -j ACCEPT
> >
> > Don't you want "-s [EXT_IP]" instead of -d here? As I understand your
> > requirements, you want packets originating from the external address to
> > be redirected.
>
>No, that's correct since this is traffic coming in (via the external
>interface) *to* the external IP address.  He could use a "-s
>[TRUSTED_IPS]" to specify a set of IP addresses to allow connections from
>rather than allowing connections from *any* IP out there.

Yep Conor, that's what I'm trying to do, and
also you're right about netcat not working on
localhost, oops. :-)

I have part of this resolved. My usage on this
is forwarding external connections for Rainbow 6
Rogue Spear and Unreal Tournament to internal
game servers. The reason I say I have it partially
resolved is that Unreal works perfectly with just
a rule added to the INPUT chain and the NAT
PREROUTING chain for ports 7777 and 7778.

Rogue Spear just doesn't work and they don't
have a Linux version for a server. I had given up
on that for now, but I will try adding a rule to the
output chain and see if that makes a difference.

Thanks!
Walt

-~

     Most people would rather defend to the death your right to
     say it than listen to it.
                         Robert Brault
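
Added example, not part of the original message or the thread: a sketch of the rule set for the port forward discussed above, with the optional trusted-source restriction Conor suggests. It only prints the rules for review; the addresses are constructed placeholders, and the function name `forward_rules` is hypothetical. It assumes the gateway routes between the two interfaces, in which case DNAT'd packets are filtered in FORWARD rather than INPUT.

```shell
#!/bin/sh
# Prints (does not apply) iptables rules that forward one UDP port from the
# gateway's external address to an internal host.
# Requires IP forwarding on the gateway: echo 1 > /proc/sys/net/ipv4/ip_forward

# forward_rules EXT_IP INT_IP PORT [TRUSTED_SRC]
forward_rules() {
    ext_ip=$1
    int_ip=$2
    port=$3
    trusted=${4:-}

    # Accept only a plain port number so nothing else can end up in a rule.
    case $port in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || {
        echo "bad port: $port" >&2; return 1; }

    # Optional "-s" match: limit who may reach the forwarded port.
    src=""
    [ -n "$trusted" ] && src="-s $trusted "

    # 1. nat/PREROUTING rewrites the destination before the routing decision.
    echo "iptables -t nat -A PREROUTING -p udp ${src}-d $ext_ip --dport $port -j DNAT --to-destination $int_ip:$port"
    # 2. The rewritten packet is routed onward, so the filter table sees it
    #    in FORWARD with the internal address as destination.
    echo "iptables -A FORWARD -p udp ${src}-d $int_ip --dport $port -j ACCEPT"
    # 3. Replies from the internal server belong to a tracked connection.
    echo "iptables -A FORWARD -p udp -s $int_ip --sport $port -m state --state ESTABLISHED -j ACCEPT"
}

# Constructed sample values: external 203.0.113.10, internal 192.168.1.20.
forward_rules 203.0.113.10 192.168.1.20 2346
```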



