Port forwarding from Internet to lan webserver

Port forwarding from Internet to lan webserver

am 11.11.2006 23:55:20 von Wyrda

Hello,


I try to access my webserver in lan from internet. I try to forwarding
internet 81 port from my server to my lan pc port 80, so in that way i
could access my lan webserver from internet in this way:
http://my_server_ip:81/

I have debian installed in my server and try to config iptables in this
way:

eth0 - internet
eth1 - lan

iptables -t nat -A PREROUTING -i eth0 -p tcp --sport 81 j DNAT
--to-destination 192.168.1.2:80

i try some other configuraion witch i found by google, but no one
worked.

Could you help me to solve this problem?

Re: Port forwarding from Internet to lan webserver

am 12.11.2006 02:33:13 von Duane Arnold

"Wyrda" wrote in message
news:1163285720.339702.149900@e3g2000cwe.googlegroups.com...
> Hello,
>
>
> I try to access my webserver in lan from internet. I try to forwarding
> internet 81 port from my server to my lan pc port 80, so in that way i
> could access my lan webserver from internet in this way:
> http://my_server_ip:81/
>
> I have debian installed in my server and try to config iptables in this
> way:
>
> eth0 - internet
> eth1 - lan
>
> iptables -t nat -A PREROUTING -i eth0 -p tcp --sport 81 j DNAT
> --to-destination 192.168.1.2:80
>
> i try some other configuraion witch i found by google, but no one
> worked.
>
> Could you help me to solve this problem?
>

Yeah, you should get something that's less complicated.

Duane :)

Re: Port forwarding from Internet to lan webserver

am 12.11.2006 17:17:07 von ibuprofin

On 11 Nov 2006, in the Usenet newsgroup comp.security.firewalls, in article
<1163285720.339702.149900@e3g2000cwe.googlegroups.com>, Wyrda wrote:

>I try to access my webserver in lan from internet. I try to forwarding
>internet 81 port from my server to my lan pc port 80, so in that way i
>could access my lan webserver from internet in this way:
>http://my_server_ip:81/

http://www.iptables.org/documentation/HOWTO/

[TXT] NAT-HOWTO.txt 17-Oct-2004 14:34 25K

>iptables -t nat -A PREROUTING -i eth0 -p tcp --sport 81 j DNAT
^^^^^^^^^^
>--to-destination 192.168.1.2:80

So you will take packets that come from some host on the internet that are
_sourced_from_ port 81, and send them on. Sorry - not going to work. Try

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 81 j DNAT
--to-destination 192.168.1.2:80

>i try some other configuraion witch i found by google, but no one
>worked.

The web site above will help. Last I checked, it had seven different HOWTOs
in several languages. By the way, "it doesn't work" is a rather useless
description, that tells nothing. You have to look, and report what is in
the logs and error messages. Did the computer catch fire? That might tell
someone what you did wrong.

Old guy