> > So, here are the rules again.
> >
> > iptables -t nat -A PREROUTING -i eth1 -s
> > 192.168.10.0/24
> > -p tcp --dport 80 -j REDIRECT --to-port 8080
> >
> > iptables -t filter -A FORWARD -i eth1 -s
> > 192.168.10.0/24
> > -p tcp --dport 80 -j ACCEPT
> it's meant 80 or 8080? i was try with 80 & 8080 but no
> different.
it means port 80. NOT port 8080. it says forward all traffic destined
to port 80.
anyway, What about uotput rules in your firewall.
do you have something like this.
iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.10.0/24 -j SNAT
--to-source externalipofirewall
pls add above SNAT rule and change externalipofirewall to your
external ip adress
192.168.10.10 is the Local ip of your firewall. it should be your
gateway off all clients. and also add dns entries to your clients pcs.
then, try it again.
GOOD LUCK
>
> > iptables -A INPUT -i eth1 -d 192.168.10.10 -p tcp -s
> > 192.168.10.0/24 --dport 8080 -j ACCEPT
> >
another url
-- Thank you Indunil JayasooriyaReceived on Tue Feb 12 2008 - 20:30:14 MST
This archive was generated by hypermail pre-2.1.9 : Sat Mar 01 2008 - 12:00:05 MST