[Shorewall-newbies] Probelm with DNAT (Portforwarding)
teastep at shorewall.net
Sun Jan 4 17:33:55 PST 2004
On Mon, 5 Jan 2004, Roger Zueger wrote:
> DNAT:info net loc:10.0.0.200 tcp 80 -
> If I try to connect (from the internet [net]) my internal www-server the
> firewall write the following line in syslog:
> Jan 5 00:42:30 net_dnat:DNAT:IN=eth0 OUT= SRC=220.127.116.11
> DST=18.104.22.168 LEN=60 TOS=0x10 PREC=0x00 TTL=53 ID=47877 DF PROTO=TCP
> SPT=10459 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
> But no connection will be etablished. I don't know why, because if I try to
> connect my webserver from the firewall [fw] it works perfekt! I'm using
> shorewall 1.4.8 on a debian 3.0 (woody) system with kernel 2.4.18.
You have completed the first step in diagnosing port forwarding problems.
Please see FAQs 1a and 1b for more things to check.
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep at shorewall.net
More information about the Shorewall-newbies