netfilter
[Top] [All Lists]
<prev [Date] next>
<prev [Thread] next>

port forwarding and proxy

from [Javier I. Gaggino]
Subject: port forwarding and proxy
From: "Javier I. Gaggino"
Date: Tue, 30 Apr 2002 10:57:23 -0300 
I'm start using linux in production environment, I have one server runnig 
iptables and squid.
My problem is:
We have clients accessing our PRIVATE network by ras, and we have route defined 
so our linux are used as proxy, everything is ok but as
the linux are forwarding http request to our internal web server, the pages 
hosted are not visible nor by us neither by our clients.
the error @ the browser is

The system returned: 

    (111) Connection refused
What can I do?

------------------------------------------------------------------------------------------------------
static-routes
------------------------------------------------------------------------------------------------------
eth1 net 0.0.0.0 netmask 0.0.0.0 gw xxx.xxx.xxx.xxx
eth0 net 10.0.0.0 netmask 255.0.0.0 gw 10.1.1.6
------------------------------------------------------------------------------------------------------

:PREROUTING ACCEPT [1636:122730]
:POSTROUTING ACCEPT [84:4762]
:OUTPUT ACCEPT [282:19816]
-A PREROUTING -d xxx.xxx.xxx.xxx -i eth1 -p tcp -m tcp --dport 11702 -j DNAT 
--to-
destination 10.1.1.1:80

-A PREROUTING -d xxx.xxx.xxx.xxx -i eth1 -p tcp -m tcp --dport 5910 -j DNAT 
--to-d
estination 10.1.1.114:5900

-A PREROUTING -d xxx.xxx.xxx.xxx -i eth1 -p tcp -m tcp --dport 5909 -j DNAT 
--to-d
estination 10.1.1.112:5900

-A PREROUTING -d xxx.xxx.xxx.xxx -i eth1 -p tcp -m tcp --dport 1677 -j DNAT 
--to-d
estination 10.1.1.1:1677

-A PREROUTING -d xxx.xxx.xxx.xxx -i eth1 -p tcp -m tcp --dport 120 -j DNAT 
--to-de
stination 10.1.1.1:110

-A PREROUTING -d xxx.xxx.xxx.xxx -i eth1 -p tcp -m tcp --dport 25 -j DNAT 
--to-des
tination 10.1.1.18:25

-A PREROUTING -d xxx.xxx.xxx.xxx -i eth1 -p tcp -m tcp --dport 80 -j DNAT 
--to-des
tination 10.1.1.18:80

-A PREROUTING -d xxx.xxx.xxx.xxx -i eth1 -p tcp -m tcp --dport 21 -j DNAT 
--to-des
tination 10.1.1.18:21

-A PREROUTING -d xxx.xxx.xxx.xxx -i eth1 -p tcp -m tcp --dport 110 -j DNAT 
--to-de
stination 10.1.1.6:110

-A POSTROUTING -o eth1 -j SNAT --to-source xxx.xxx.xxx.xxx

Javier Gaggino
IT Dept.
Netnix S.A.
TE: 4292-7979
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • port forwarding and proxy, Javier I. Gaggino <=
Previous by Date:  ip_ct_tcp_timeout_listen and none, Oskar Andreasson
Next by Date:  Re: GRE & IPTABLES Log entry help, Ramin Alidousti
Previous by Thread:  SNAT timeout, Steffen Persvold
Next by Thread:  Ulogd, Paulo Andre
Indexes:  [Date] [Thread] [Top] [All Lists]
Privacy Policy