Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Antwort: Re: Antwort: Re: [suse-security] DNAT problems
Helo Martin, helo folks,

well that´s problably the fault.

I use to try it with a FORWARD rule, but it don´t work.

May I do a syntactic fault, but I think it has to be like :

$IPTABLES -A FORWARD -i $IF_INT -o $IF_EXT -p tcp -s potsdamerplatz -d IPINTERN
--dport FF -j ACCEPT

I also try to switch from <<-j MASQUERADE rule>> to <<-j SNAT --to-source MYIP>>

I have read: MASQUERADING ins pretty good 4 dynamic IP, I still use static.

But it is the same one. :-(

Any idea ??


TIA

best regards

Dirk Ertl
T-Systems PCM AG
Computing & Desktop Services
Business Unit Daimler Chrysler AG / debis
Fon: +179/492 63 59
mailto:t-systems.ertl@xxxxxxxxxxxxxxxxxxx
mailto:dirk.ertl@xxxxxxxxxxxxx




Martin.Peikert@xxxxxxxxx
23.01.2002 13:13
Bitte antworten an Martin.Peikert



An: T-Systems Ertl/Extern/040/DCAG/DCX@wk-EMEA2
Kopie: suse-security@xxxxxxxx
Thema: Re: Antwort: Re: [suse-security] DNAT problems

T-Systems.Ertl@xxxxxxxxxxxxxxxxxxx schrieb:
>
> Helo Martin, helo folks,
>
> thanks for your responce.
>
> I can show U the rule:
>
> $IPTABLES -A PREROUTING -t nat -p tcp --dport FF -j DNAT --to-destination
> IPINTERN

Ok, that's prerouting. Is there a forwarding rule that accepts that
traffic?

Martin
--
martin.peikert@xxxxxxxxx Discon GmbH
Internet Solutions Wrangelstrasse 100
http://www.discon.de/ 10997 Berlin, Germany


< Previous Next >
Follow Ups