[Firehol-support] Redirecting ports to other computers

Phil Whineray phil at sanewall.org
Sun Jan 6 20:48:58 GMT 2013


Hi

On Sat, Jan 05, 2013 at 04:07:07PM +0000, Joaquin wrote:
> I want to redirect all requests that come from wan to port 443 on my server wan
> to port 443 of a local network ip
> E.g.: iptables -t nat -A PREROUTING -p tcp -d 200.55.XX --dport 443 -j DNAT --to 192.168.1.1:443
> this does not work; I get no error, but it does not refresh.
> this one does not give an error but does nothing
> /sbin/iptables -t nat -A PREROUTING -p tcp -d 200.55.XX --dport 443 -j DNAT --to 192.168.1.1
> I followed by adding
> /sbin/iptables -A FORWARD -p tcp -d 192.168.1.1 --dport 443 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
> 
> but still no redirects

You have not shared a full extract of your firehol.conf, but it sounds
like you are using /sbin/iptables in the middle of it, which will not
work. You need to use iptables without a path to ensure you invoke the
helper. See here:
  http://firehol.sourceforge.net/commands.html?#iptables

Is there some reason you are not using the firehol redirection helpers
and a router rule? Earlier in the thread you have replied to there is
an example of using dnat and creating a router. That would be the best
way to do this with firehol in my opinion and almost exactly matches
your need (except it uses 2 hosts and changes port, too):
  http://sourceforge.net/mailarchive/message.php?msg_id=2341593

Hope that helps
Phil
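
Added example, not part of the original message and not taken from the linked thread: firehol.conf lines that do the forwarding with the dnat helper plus a router, as the reply recommends. The interface names, the router name and the public address are assumptions; 203.0.113.10 is a placeholder for the address elided as 200.55.XX.

```conf
# firehol.conf lines (added example; interface names and the public
# address below are assumptions, not values from the thread)

PUBLIC_IP="203.0.113.10"   # placeholder for the elided 200.55.XX address
WAN_IF="eth0"              # assumed WAN-facing interface
LAN_IF="eth1"              # assumed LAN-facing interface
HTTPS_HOST="192.168.1.1"   # internal server named in the thread

# NAT step: rewrite the destination of inbound TCP/443 that arrives on the
# WAN interface for the public address, so it goes to the internal host.
dnat to "${HTTPS_HOST}:443" inface "${WAN_IF}" dst "${PUBLIC_IP}" proto tcp dport 443

# Filter step: DNAT alone only rewrites the packet. The router below is what
# permits it to be forwarded, and it permits only HTTPS to that one host.
router wan2lan inface "${WAN_IF}" outface "${LAN_IF}"
    server https accept dst "${HTTPS_HOST}"

# If a raw rule is still needed inside firehol.conf, call the helper by its
# bare name so that FireHOL's iptables helper is invoked:
#   iptables -t nat -A PREROUTING ...
# and not by absolute path (/sbin/iptables ...), which the reply says will not work.
```

Restricting the router to the https service and a single dst keeps the forward path as narrow as the NAT rule, so nothing else on the LAN becomes reachable from the WAN side.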



