Hi folks, I've got a bit of a problem with setting up forwarding on my firewall and I can't seem to figure out what I am doing wrong.
I have a tomcat server running on port 8080 on a machine in my network. I have set up the following rules so that the outside world can get to it:

    iptables -A FORWARD -i eth0 -o eth1 -d 192.168.0.10 -p tcp -j ACCEPT
    iptables -t nat -I PREROUTING -p tcp -i eth0 --dport 8080 -j DNAT --to-destination 192.168.0.10

The outside world can now contact that machine on port 8080 (I don't like the forwarding rule that much, it feels too "open". I tried to restrict it to just port 8080 with the --dport option but it would seem you can't use that on the forward table).

Anyway, this natting / forwarding is in place because I am developing against another server which needs to contact me at one point. At the end of the process the server sends a redirect to a web browser but the redirect always fails on my machine. That's not very clear, so here is the course of events:

1) client (me) is at my website
2) client is redirected by my website to other website
3) other website contacts my server (this is fine so forwarding / natting is working)
4) other website redirects client back to my server
5) ...... nothing happens ......

I do get a bunch of these appearing in the log, but adding a forwarding rule that lets this through doesn't solve the problem.

    Jul 12 13:33:44 server kernel: IN=eth1 OUT=eth1 SRC=192.168.0.10 DST=192.168.0.10 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=31478 DF PROTO=TCP SPT=46062 DPT=8080 WINDOW=5840 RES=0x00 SYN URGP=0

I think the problem is that the redirect is to my public IP address and I am on a machine inside the network. I'm pretty sure that if I was outside the network this would work fine.

Thanks for any help.

--
.¸¸.·´¯`·.¸¸.·´¯`· Shallow Sea Aquatics .¸¸.·´¯`·.¸¸.·´¯`·
.¸¸.·´¯`·.¸¸.·´¯ http://www.shallowsea.com ¸.·´¯`·.¸¸.·´¯`
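
Added example, not part of the original post: a small Python classifier for netfilter LOG lines like the one quoted above, which flags packets that enter and leave the firewall on the same interface with both addresses on the LAN. The 192.168.0.0/24 subnet, the second sample line and the label names are assumptions made for illustration.

```python
import re
from ipaddress import ip_address, ip_network

# Constructed sample input: the first line is the kernel LOG entry quoted in
# the post; the second is a made-up inbound flow from a documentation address.
SAMPLE = [
    "Jul 12 13:33:44 server kernel: IN=eth1 OUT=eth1 SRC=192.168.0.10 "
    "DST=192.168.0.10 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=31478 DF PROTO=TCP "
    "SPT=46062 DPT=8080 WINDOW=5840 RES=0x00 SYN URGP=0",
    "Jul 12 13:35:02 server kernel: IN=eth0 OUT=eth1 SRC=203.0.113.7 "
    "DST=192.168.0.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=1204 DF PROTO=TCP "
    "SPT=51514 DPT=8080 WINDOW=5840 RES=0x00 SYN URGP=0",
]

LAN = ip_network("192.168.0.0/24")  # assumption: the post gives only the host address
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")  # KEY=value pairs; bare flags (DF, SYN) are skipped


def parse(line):
    """Return the KEY=value fields of a netfilter LOG line as a dict."""
    return dict(FIELD.findall(line))


def classify(line, lan=LAN):
    """Label a logged packet by where it entered, where it left, and its endpoints."""
    f = parse(line)
    if not all(k in f for k in ("IN", "OUT", "SRC", "DST")):
        return "unparsed"
    if not f["IN"] or not f["OUT"]:
        return "local"  # empty IN or OUT: logged in INPUT/OUTPUT, not forwarded
    src, dst = ip_address(f["SRC"]), ip_address(f["DST"])
    if f["IN"] == f["OUT"] and src in lan and dst in lan:
        # Entered and left on the same interface with both ends on the LAN:
        # the client is inside the network and was sent back inside.
        return "hairpin-self" if src == dst else "hairpin"
    return "forwarded"


def summarize(lines):
    """Return (label, destination port) for each log line."""
    return [(classify(line), parse(line).get("DPT")) for line in lines]


if __name__ == "__main__":
    for label, dport in summarize(SAMPLE):
        print(f"{label:13} dport={dport}")
```

The line from the post is labelled hairpin-self: the packet arrived from the LAN, left towards the LAN, and its source and destination are the same host.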