From: Alejandro Flores (afloresrecife.pe.gov.br)
Date: Tue Oct 02 2001 - 07:19:34 CDT

        Hi,

        Some checkpoints:

        - Packet Forwarding must be enabled (echo 1 >
        /proc/sys/net/ipv4/ip_forward or sysctl -w net.ipv4.ip_forward=1).

        - Your internal box must have your linux as default gateway.

        - Append the port number at the end of your rule (not really,
        but...):
        iptables -t nat ... --to-dest 192.168.0.11:5500

        - Is your box going to outside (internet) through your linux?

        - If your default INPUT policy is DROP, add an ACCEPT rule to port
        5500. I don't really know if it's necessary, but as you're trying to
        connect specifying the IP address of your linux... I think it will
        fall on PREROUTING.

        - If your default FORWARD policy is DROP, add an ACCEPT rule to your
        internal box:port.

        I hope this helps you anyway...

    See 'ya
    Alejandro

    > Hi, I just set up IP masquerading, so I'm using my Linux box as my router. I
    > have an internal box running a service that I need to make available to the
    > outside. The port is 5500 and the internal IP of the box is 192.168.0.11,
    > here's what I tried:
    >
    > # iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 5500 \
    > -j DNAT --to-dest 192.168.0.11
    >
    > It goes through without any errors, but when I try to connect to the service
    > using my external IP it says Host Refused connection. I also tried port
    > scanning for this port, and it doesn't find it. Please help me solve this ASAP.
    >
    > Thank you in advance,
    > delusi0n
    >
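
The checkpoints in the reply above, turned into a check over `iptables-save` output (an added example, not part of the original thread). The function names, the sample dump and its DROP policies are constructed for illustration; return traffic from the internal box must also be allowed through FORWARD and is not checked here.

```shell
#!/bin/sh
# Added example: audit an iptables-save dump for one forwarded port.
# usage: iptables-save | check_port_forward "$(cat /proc/sys/net/ipv4/ip_forward)" 192.168.0.11 5500
check_port_forward() {  # $1 = ip_forward value, $2 = internal IP, $3 = port
    awk -v fwd="$1" -v ip="$2" -v port="$3" '
    # Whole-token match, so --dport 5500 does not match --dport 55000.
    function has(s) { return index($0 " ", s " ") > 0 }
    substr($0, 1, 1) == "*" { table = substr($0, 2) }   # table header: *nat, *filter
    table == "filter" && $1 == ":FORWARD" { policy = $2 }
    table == "nat" && /^-A PREROUTING / && has("--dport " port) && has("-j DNAT") &&
        (has("--to-destination " ip) || has("--to-destination " ip ":" port)) { dnat = 1 }
    # DNATed packets are routed on to the internal box, so they cross filter FORWARD.
    table == "filter" && /^-A FORWARD / && has("--dport " port) && has("-j ACCEPT") &&
        (has("-d " ip) || has("-d " ip "/32")) { accept = 1 }
    END {
        if (fwd != "1") { print "FAIL ip_forward is not 1"; bad = 1 }
        if (!dnat) { print "FAIL no DNAT rule for port " port " to " ip; bad = 1 }
        if (policy == "DROP" && !accept) {
            print "FAIL FORWARD policy is DROP, no ACCEPT for " ip ":" port; bad = 1 }
        if (!bad) print "OK"
        exit bad + 0
    }'
}

# Constructed sample dump; $1 is an optional extra rule for the filter table.
sample_dump() {
cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i ppp0 -p tcp -m tcp --dport 5500 -j DNAT --to-destination 192.168.0.11:5500
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
${1:-}
COMMIT
EOF
}

rule="-A FORWARD -d 192.168.0.11/32 -i ppp0 -p tcp -m tcp --dport 5500 -j ACCEPT"
sample_dump | check_port_forward 1 192.168.0.11 5500 || true   # prints the FORWARD FAIL line
sample_dump "$rule" | check_port_forward 1 192.168.0.11 5500   # prints OK
```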