I log new external connections to my web server, via:
Code:
$IPTABLES -A INPUT -i $EXTIF -m state --state NEW -p tcp -s $UNIVERSE -d $EXTIP --dport 80 -j LOG --log-prefix "NEW80:" --log-level info
$IPTABLES -A INPUT -i $EXTIF -m state --state NEW -p tcp -s $UNIVERSE -d $EXTIP --dport 80 -j ACCEPT
However, and as you can see from my second line, I am not forwarding the packet. Your case might require such a rule in the FORWARD chain, similar to what I (temporarily) do for another server (but port 80 in your case):
Code:
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -p tcp --dport 80 -d 192.168.111.112 -m state --state NEW -j LOG --log-prefix "PFNEW80:" --log-level info
Where this is the corresponding PREROUTING rule (dport would be 80 for your case):
Code:
$IPTABLES -t nat -A PREROUTING -p tcp -i $EXTIF --dport 8083 -j DNAT --to 192.168.111.112:80
Bookmarks