Login or Register to Ask a Question and Join Our Community


Debian

Iptables Nat forward port 29070

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux Debian Iptables Nat forward port 29070
# 1  
Old 02-14-2012
Iptables Nat forward port 29070
Hello, the Nat and the forward worked on my debian server up to the reboot of machines.

The following rules*:


/sbin/iptables -t nat -A PREROUTING -p tcp -i eth2 -d xxx.xxx.xxx.xxx --dport 29070 -j DNAT --to-destination 10.0.1.7:29070
/sbin/iptables -A FORWARD -p tcp -i eth2 -o eth0 -d 10.0.1.7 --dport 29070 --sport 1024:65535 -m state --state NEW -j ACCEPT

Since the reboot, that doesn't work any more.

I have another rules towards one the others server and that her works.


/sbin/iptables -t nat -A PREROUTING -p tcp -i eth2 -d xxx.xxx.xxx.xxx --dport 29082 -j DNAT --to-destination 10.0.1.8:29082
/sbin/iptables -A FORWARD -p tcp -i eth2 -o eth0 -d 10.0.1.8 --dport 29082 --sport 1024:65535 -m state --state NEW -j ACCEPT

Thank you for your help .
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Red Hat

Port Forward to VPN client.

Hi all, I can't port forward from WAN to VPN Client. VPN Client Ubuntu 18 192.168.0.16 Port 6000 VPN Gateway for LAN clients Centos 192.168.0.12 Router 192.168.0.1 I can forward to the VPN Client if VPN is not connected if I forward Port 6000 from 192.168.0.1 directly to 192.168.0.16.... (2 Replies)
Discussion started by: stinkefisch
2 Replies

2. Cybersecurity

Openvpn nat and iptables

good day good people hi first to tell that firewall and vpn is working as expected, but I notice something strange. I have host system 11.11.11.11(local ip) firewall is blocking everything except port to vpn. I have vpn on virtualized system 22.22.22.22 (CentOS both host and virtual). ... (0 Replies)
Discussion started by: end
0 Replies

3. Cybersecurity

iptables in a NAT scenario

Hi, I am learning IPTables have this question. My server is behind a firewall that does a PAT & NAT to the LAN address. Internet IP: 68.1.1.23 Port: 10022 Server LAN IP: 10.1.1.23 port: 22 Allowed Internet IPs: 131.1.1.23, 132.1.1.23 I want to allow a set of IPs are to be able to... (1 Reply)
Discussion started by: capri_guy84
1 Replies

4. Red Hat

NAT Loopback and iptables

Hello, please can you help and explain me. I have two servers. Both are RHEL6. I use the first one like router and the second one for apache. Router forwards 80 port on the second server and I can open that from the internet (mysite.com, for example). But I can not open mysite.com if i try to... (0 Replies)
Discussion started by: 6765656755
0 Replies

5. UNIX for Advanced & Expert Users

ipf/ipnat NAT/port forward issues

I've been going crazy trying to get this working. Here's the situation: we have a Solaris 10 box that connects an internal network to an external network. We're using ipf/ipnat on it. We've added a couple of new boxes to the internal network (192.168.1.100, .101) and want to be able to get to port... (1 Reply)
Discussion started by: spakov
1 Replies

6. Ubuntu

Iptables forward traffic to forward chain!!!

Hi, I am new to linux stuff. I want to use linux iptables to configure rule so that all my incoming traffic with protocol "tcp" is forwarded to the "FORWARD CHAIN". The traffic i am dealing with has destination addresss of my machine but i want to block it from coming to input chain and somehow... (0 Replies)
Discussion started by: arsipk
0 Replies

7. IP Networking

iptables forward public IP, no NAT, Debian i386

Hello all, got kinda problem. Have two machines in LAN, one of them connected to Internet directly, another one must be forwarded through the first one. Masquerading works perfectly, but is not what is needed here. Both machines have public IP addresses, when the second machine is forwarded its... (0 Replies)
Discussion started by: Action
0 Replies

8. IP Networking

port forward & DYNDNS Inquiry

Hi, Is there anyone know how to make port forward? And also, how to set up DYNDNS with router? (1 Reply)
Discussion started by: eel
1 Replies

9. UNIX for Advanced & Expert Users

ssh port forward over three server

Hello there, I have a big problem, and I hope somebody can help me. I try to realize a port forward over three server. Here is a picture... Client Server1 | Server2 ------- ------- | ------- |...... | |...... | | |...... ... (2 Replies)
Discussion started by: Art007
2 Replies

10. IP Networking

NAT Packets/Port Openine

Firstly, I have no knowledge of hubs, so please keep any advice simple! I have a UNIX hub, connecting three PCs and would like to know if the hub has NAT translation for incoming packets and if th hub is able to NAT translate packets coming in to a local (internal) LAN address.. (3 Replies)
Discussion started by: MartinD
3 Replies
Login or Register to Ask a Question

LEARN ABOUT LINUX

pure-authd

pure-authd(8)							     Pure-FTPd							     pure-authd(8)

NAME

       pure-authd - External authentication agent for Pure-FTPd.

SYNTAX

       pure-authd [-p </path/to/pidfile>] [-u uid] [-g gid] [-B] <-s /path/to/socket> -r /program/to/run

DESCRIPTION

       pure-authd is a daemon that forks an authentication program, waits for an authentication reply, and feed them to an application server.

       pure-authd listens to a local Unix socket. A new connection to that socket should feed pure-authd the following structure :

	      account:xxx

	      password:xxx

	      localhost:xxx

	      localport:xxx

	      peer:xxx

	      end

       (replace  xxx  with  appropriate  values) . localhost, localport and peer are numeric IP addresses and ports. peer is the IP address of the
       remote client.

       These arguments are passed to the authentication program, as environment variables :

	      AUTHD_ACCOUNT

	      AUTHD_PASSWORD

	      AUTHD_LOCAL_IP

	      AUTHD_LOCAL_PORT

	      AUTHD_REMOTE_IP

	      AUTHD_ENCRYPTED

       The authentication program should take appropriate actions to fetch account info according to these arguments, and reply  to  the  standard
       output a structure like the following one :

	      auth_ok:1

	      uid:42

	      gid:21

	      dir:/home/j

	      end

       auth_ok:xxx
	      If  xxx is 0, the user was not found (the next authentication method passed to pure-ftpd will be tried) . If xxx is -1, the user was
	      found, but there was a fatal authentication error : user is root, password is wrong, account has expired, etc  (next  authentication
	      methods will not be tried) . If xxx is 1, the user was found and successfully authenticated.

       uid:xxx
	      The system uid to be assigned to that user. Must be > 0.

       gid:xxx
	      The primary system gid. Must be > 0.

       dir:xxx
	      The absolute path to the home directory. Can contain /./ for a chroot jail.

       slow_tilde_expansion:xxx (optional, default is 1)
	      When  the  command  'cd  ~user'  is  issued, it's handy to go to that user's home directory, as expected in a shell environment. But
	      fetching account info can be an expensive operation for non-system accounts. If xxx is 0, 'cd ~user' will expand to the system  user
	      home  directory.	If  xxx  is 1, 'cd ~user' won't expand. You should use 1 in most cases with external authentication, when your FTP
	      users don't match system users. You can also set xxx to 1 if you're using slow nss_* system authentication modules.

       throttling_bandwidth_ul:xxx (optional)
	      The allocated bandwidth for uploads, in bytes per second.

       throttling_bandwidth_dl:xxx (optional)
	      The allocated bandwidth for downloads, in bytes per second.

       user_quota_size:xxx (optional)
	      The maximal total size for this account, in bytes.

       user_quota_files:xxx (optional)
	      The maximal number of files for this account.

       ratio_upload:xxx (optional)

       radio_download:xxx (optional)
	      The user must match a ratio_upload:ratio_download ratio.

       Only one authentication program is forked at a time. It must return quickly.

OPTIONS

       -u <uid>
	      Have the daemon run with that uid.

       -g <gid>
	      Have the daemon run with that gid.

       -B     Fork in background (daemonization).

       -s </path/to/socket>
	      Set the full path to the local Unix socket.

       -R </path/to/program>
	      Set the full path to the authentication program.

       -h     Output help information and exit.

EXAMPLES

       To run this program the standard way type:

       pure-authd -s /var/run/ftpd.sock -r /usr/bin/my-auth-program &

       pure-ftpd -lextauth:/var/run/ftpd.sock &

       /usr/bin/my-auth-program can be as simple as :
	      #! /bin/sh

	      echo 'auth_ok:1'

	      echo 'uid:42'

	      echo 'gid:21'

	      echo 'dir:/home/j'

	      echo 'end'

AUTHORS

       Frank DENIS <j at pureftpd dot org>

SEE ALSO

       ftp(1), pure-ftpd(8) pure-ftpwho(8) pure-mrtginfo(8) pure-uploadscript(8) pure-statsdecode(8) pure-pw(8) pure-quotacheck(8) pure-authd(8)

       RFC 959, RFC 2389, RFC 2228 and RFC 2428.

Pure-FTPd team							      1.0.36							     pure-authd(8)