[Firehol-support] NAT Problem - Please Help
Carlos Rodrigues
cefrodrigues at gmail.com
Sun Oct 18 22:57:39 BST 2009
On Sun, Oct 18, 2009 at 12:38 PM, Andrei Verovski (aka MacGuru)
<andreil1 at starlett.lv> wrote:
> Hi, folks,
>
> I have firehol running on SuSE Linux for a long time, with NAT/port forwarding
> working OK.
>
> Now I'm need to set up another NAT/port forwarding rule - incoming traffic on
> external interface "${if_world}" port 20080 must be redirected to
> 192.168.0.15 port 80
>
> I have wrote these rules:
>
> server_fxoweb_ports="tcp/20080"
> client_fxoweb_ports="default"
> nat to-destination 192.168.0.15:80 inface "${if_world}" proto tcp dport 20080
>
> router world2lan inface "${if_world}" outface "${if_lan}"
> route fxoweb accept
> route ident reject with tcp-reset
>
> For whatever reason it does not work at all.
Instead of "route fxoweb accept", try "route http accept" or "route
http accept dst 192.168.0.15".
If I remember correctly, the nat is done before the forwarding phase,
so the router will see them with their actual destination, and not how
they reached the forwarding box.
--
Carlos Rodrigues
More information about the Firehol-support
mailing list