[ale] port forwarding help

[dhamm at itserve.com (David Hamm)]

When you port forward your port forwarding host has to be the gateway
between your external client and internal client.  I'm not real clear on
this but here's how I think it works.  Maybe one of the hard core TCP/IP
folks can correct me on this.

packet from ExternalHost looks like this
src=ExternalHost_IP dst=Gateway_IP

packet reaches the gateway and is changed to look like this and forwarded
src=ExternalHost_IP dst=InternalHost_IP

the internal host gets the packet and responds through the gateway.  The
gateway then modifies the response packet to look like this. 
src=Gateway_IP dst=ExternalHost_IP

So if you are port forwarding on a single subnet the InternalHost doesn't
have to go through the gateway to talk to the ExternalHost.  The External
host then receives an ACK packet from a host it hasn't sent a SYN packet.
So it just ignores the returning data and your telnet session seems hung.




-----Original Message-----
From: Michael D. Hirsch [mailto:mhirsch at nubridges.com]
To: ale at ale.org
Sent: Thursday, April 03, 2003 3:21 PM
To: ale at ale.org
Subject: [ale] port forwarding help


This seems simple, but I've been thumping my head against if for a while 
now.  All I want to do is forward anything to port xx to machine y.y.y.y.

>From reading docs it looks like all I need this:

iptables -t nat -A PREROUTING -p tcp --dport xx -j DNAT --to y.y.y.y:xx

I have made sure that port forwarding is turned on.

I test by telnetting to port xx on the forwarding box, but never get a 
connection.

One other possible complication, do I need to worry that I have only 1 nic 
card?  So on my test box all the traffic is really on one network.  In 
production, of course, I will use multiple network cards.

Thanks,

Michael
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale