Hi,
I wonder if someone can help me with this, i need to forward port 80 on my ubuntu server to another machine on my network
my incoming connection is ppp0 & my network machine is 192.168.2.250 (eth0)
Thanks for the help
Hi,
I wonder if someone can help me with this, i need to forward port 80 on my ubuntu server to another machine on my network
my incoming connection is ppp0 & my network machine is 192.168.2.250 (eth0)
Thanks for the help
Last edited by viperce; April 1st, 2011 at 10:15 AM.
Bump
Try,
iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 80 -j DNAT --to 192.168.2.150
You will likely have to enable forwarding,
echo 1 > /proc/sys/net/ipv4/ip_forward
These both need to be done after booting so should be added to a script in /etc/network/if-up.d/ directory where they get run at init.
hi Bonanza
I tried the commands you gave me but they did not seem to work.
any other ideas?
That command should work. I've used the same on my Ubuntu based router. Can you post the output of iptables -vnL here? Note, you will need to use sudo when you do anything with iptables.
Also the output of the route -n command because if you don't have a route set correctly then it won't go where you expect. Is there a second interface for your LAN other than ppp0? eg. eth0
iptables -vnL
route -nChain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
873 217K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
460K 98M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
1759 87024 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp multiport dports 25,3128
0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:10000
632 30320 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp multiport dports 25,3128
0 0 ACCEPT tcp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 tcp multiport dports 80,5900
1 52 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5900
0 0 ACCEPT udp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 udp multiport dports 21,22
0 0 ACCEPT udp -- eth0 * 0.0.0.0/0 0.0.0.0/0 udp multiport dports 21,22
1 40 DROP tcp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 tcp dpts:1025:65535 flags:0x17/0x02
42 5496 DROP udp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 udp dpts:1025:65535
57 18931 DROP udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpts:1025:65535
45 8688 DROP udp -- eth0 * 0.0.0.0/0 0.0.0.0/0 udp dpts:1025:65535
3 144 DROP tcp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 tcp dpts:1:1024
0 0 DROP tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpts:1:1024
0 0 DROP tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpts:1:1024
0 0 DROP udp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 udp dpts:1:1024
1319 180K DROP udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpts:1:1024
3328 420K DROP udp -- eth0 * 0.0.0.0/0 0.0.0.0/0 udp dpts:1:1024
7 1292 DROP all -- ppp0 * 0.0.0.0/0 0.0.0.0/0
57 1824 DROP all -- eth1 * 0.0.0.0/0 0.0.0.0/0
121 3872 DROP all -- eth0 * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 798K packets, 1020M bytes)
pkts bytes target prot opt in out source destination
ye i have eth1Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
41.133.132.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth1
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ppp0
I should have also asked for iptables -t nat -vnL since that isn't shown in your listing. The routing seems ok. At least something for 192.168.2.150 should be going out eth0, which I assume is the correct network for the destination server.
Also note that you have a DROP on eth0 for inputs to destination port 1-1024. I'd expect that isn't causing the issue but for the purposes of debugging I'd say it's best to test with a clean iptables to be sure there isn't some interefence from other rules.
iptables -t nat -vnL
ty i will try that so longChain PREROUTING (policy ACCEPT 32218 packets, 2867K bytes)
pkts bytes target prot opt in out source destination
4 192 DNAT tcp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:192.168.2.150
798 38304 DNAT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:192.168.2.150
Chain OUTPUT (policy ACCEPT 3533 packets, 226K bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 3533 packets, 226K bytes)
pkts bytes target prot opt in out source destination
Morning,
OK I removed all the rules & started again but it still will not work.
I can connect to the web server locally no problem http://192.168.2.150
but still no joy through the ppp0 connection
Here is everything you asked me for yesterday thanks again for the help
iptables -vnL
iptables -t nat -vnLChain INPUT (policy ACCEPT 2198 packets, 204K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 3 packets, 152 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 725 packets, 94037 bytes)
pkts bytes target prot opt in out source destination
route -nChain PREROUTING (policy ACCEPT 847 packets, 102K bytes)
pkts bytes target prot opt in out source destination
4 204 DNAT tcp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:192.168.2.150
Chain POSTROUTING (policy ACCEPT 12 packets, 783 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 11 packets, 731 bytes)
pkts bytes target prot opt in out source destination
also checked ip_forwardKernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
41.133.132.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ppp0
root@proxyserver:/# cat /proc/sys/net/ipv4/ip_forward
1
Last edited by viperce; March 17th, 2011 at 07:58 AM.
Bookmarks