On Sat, 2002-10-26 at 09:03, Fernando wrote:
> I have a server with an adsl connection running Red Hat 8 and acting as
> gateway/firewall to my internal network. I wanna redirect port 21 of the
> server to an internal machine, where I wanna run an ftp server. I tried:
> iptables -t nat -A PREROUTING -p tcp --dport 21 -i ppp0 -j DNAT --to 192.168.0.10:21
> where ppp0 is my external adsl interface and 192.168.0.10 is the ip address
> of the machine running the ftp server.
> But the port isn't redirected. Does someone know why?

A couple of things to check first...

You need to make sure the packets are getting through the FORWARD chain OK.
What is your FORWARD POLICY, DROP or ACCEPT?
If it is DROP, you need to add a rule to ACCEPT packets, e.g.

-A FORWARD -i ppp0 -p tcp --dport 21 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

If you are doing Active ftp, you will also need the modules
ip_conntrack_ftp & ip_nat_ftp loaded.

And of course, make sure your udp port 53 is able to pass both ways if
your dns is external.

This tutorial is good reading:
http://www.netfilter.org/documentation/tutorials/blueflux/

Add some -j LOG rules to monitor packet progress...

Regards, Peter.
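
An added example, not part of the original message: a diagnostic that reads `iptables-save` output and reports whether the port 21 DNAT rule exists and whether the FORWARD chain admits the new connection, plus a check for the two FTP helper modules named in the reply. The function names and the sample ruleset are constructed for illustration, and the FORWARD check is a heuristic that looks only for an explicit ACCEPT naming the port.

```shell
#!/bin/sh
# Added example. Reads iptables-save output on stdin and prints two findings
# for the given TCP port: DNAT_OK|DNAT_MISSING and FORWARD_OK|FORWARD_BLOCKED.
# Live use on the gateway (as root): iptables-save | diagnose_forward 21
# Heuristic: looks for an explicit ACCEPT naming the port; ignores rule order.
diagnose_forward() {
    awk -v port="$1" '
        /^\*/ { table = substr($0, 2) }                  # "*nat" or "*filter"
        table == "filter" && /^:FORWARD / { policy = $2 }
        table == "nat" && /^-A PREROUTING / && /-j DNAT/ &&
            $0 ~ ("--dport " port "( |$)") { dnat = 1 }
        table == "filter" && /^-A FORWARD / && /-j ACCEPT/ &&
            $0 ~ ("--dport " port "( |$)") {
            # A state match must include NEW, or the first packet is not accepted
            if ($0 !~ /--(ct)?state / || $0 ~ /--(ct)?state [A-Z,]*NEW/) accept = 1
        }
        END {
            print (dnat ? "DNAT_OK" : "DNAT_MISSING")
            print ((policy == "ACCEPT" || accept) ? "FORWARD_OK" : "FORWARD_BLOCKED")
        }'
}

# Reads lsmod output on stdin; succeeds only if both FTP helpers are loaded.
# ip_* are the module names from the thread; nf_* are the names on later kernels.
ftp_helpers_loaded() {
    awk '$1 ~ /^(ip|nf)_conntrack_ftp$/ { c = 1 }
         $1 ~ /^(ip|nf)_nat_ftp$/ { n = 1 }
         END { exit !(c && n) }'
}

# Constructed iptables-save dump: the DNAT rule from the question with a
# FORWARD policy of DROP. Pass "fixed" to include the suggested ACCEPT rule.
sample_ruleset() {
    echo '*nat'
    echo '-A PREROUTING -i ppp0 -p tcp -m tcp --dport 21 -j DNAT --to-destination 192.168.0.10:21'
    echo 'COMMIT'
    echo '*filter'
    echo ':FORWARD DROP [0:0]'
    echo '-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT'
    if [ "$1" = fixed ]; then
        echo '-A FORWARD -i ppp0 -p tcp -m tcp --dport 21 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT'
    fi
    echo 'COMMIT'
}

sample_ruleset broken | diagnose_forward 21
sample_ruleset fixed | diagnose_forward 21
```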