+ Post New Thread
Results 1 to 2 of 2
*nix Thread, packet forwoading using IPtables in Technical; Hi, I have 2 Ubuntu boxes sitting in the same subnet; server 1 [130.15.6.68] and server 2 [130.15.6.69] What I ...
  1. #1

    Join Date
    May 2011
    Posts
    1
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Unhappy packet forwoading using IPtables

    Hi,
    I have 2 Ubuntu boxes sitting in the same subnet; server 1 [130.15.6.68] and server 2 [130.15.6.69]
    What I am trying to achieve here is the following:

    server 1 act as a gateway or proxy to server 2, meaning that server 1 is exposed to the Internet and all traffic to server 2 should go though it (i hope!).

    server 2 act as application server and I don't want a direct access to it from the internet. I want all the inbound traffic comes through server 1.

    for testing purposes, i will limit the traffic to simple http or port 80

    in server 1, i have done the following settings:
    iptables -t nat -A PREROUTING -p tcp -i eth0 -d 130.15.6.68 --dport 80 -j DNAT --to 130.15.6.69:80
    iptables -A FORWARD -p tcp -i eth0 -d 130.15.6.69 --dport 80 -j ACCEPT

    Also,
    In server 1, I've edited the value of net.ipv4.ip_forward to equal 1 (uncomment that line in /etc/sysctl.conf)

    Currently, both server 1 and server 2 has its own apache2 servers with different index.html files.

    the problem is, when i browse to server 1, I am still seeing its index page rather than being forwarded to the index page of server 2.

    how can i achieve the traffic forowrding from server 1 to server 2 when my browser pointing to server 1?

    Thank you in advance

  2. #2

    Join Date
    Jul 2007
    Posts
    3
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Hello turki_00

    Try following the instructions here:

    Port forwarding for iptables (DMZ)

    You'll need to specify eth0 - rather than eth1 (of course), you may note the --state NEW and --m state flags (see man iptables for more info), you may or may not need those - depending upon which version of iptables you're running.

    Good luck and hope you manage to get it sorted out

SHARE:
+ Post New Thread

Similar Threads

  1. Debian Packet Sniffing
    By Bocaj1994 in forum Wireless Networks
    Replies: 4
    Last Post: 10th July 2010, 07:39 PM
  2. [Gentoo] openvpn / iptables
    By RabbieBurns in forum *nix
    Replies: 9
    Last Post: 4th August 2009, 03:18 PM
  3. Packet analyser
    By Talorin in forum Wireless Networks
    Replies: 4
    Last Post: 27th January 2009, 03:41 PM
  4. Setting up NAT using IPTABLES
    By ChrisH in forum *nix
    Replies: 23
    Last Post: 9th November 2005, 01:54 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •