Port Forwarding


ee99ee2
09-02-2002, 09:28 PM
Okay, I'm starting to get really annoyed. All I need to do right now is forward port 1723 to 192.168.1.6. My NAT is Debian Woody. Here's the way I'm trying to do it, tell me if I'm wrong:

ipmasqadm portfw -a -P tcp -L 24.158.112.9 1723 -R 192.168.1.6 1723

When I enter that (as root), I get this:

portfw: setsockopt failed: Protocol not available

What am I doing wrong? Here's lsmod output:

ned:/# lsmod
Module Size Used by Not tainted
ipt_REDIRECT 736 0 (unused)
3c59x 24648 2
ipt_LOG 3136 7 (autoclean)
iptable_mangle 2112 0 (autoclean) (unused)
iptable_filter 1728 1
ip_nat_snmp_basic 7584 0 (unused)
ip_nat_irc 2368 0 (unused)
ip_nat_ftp 2944 0 (unused)
ip_conntrack_irc 2496 0 (unused)
ip_conntrack_ftp 3200 0 (unused)
ipt_MASQUERADE 1216 1
iptable_nat 12660 5 [ipt_REDIRECT ip_nat_snmp_basic ip_nat_irc ip_nat_ftp ipt_MASQUERADE]
ip_conntrack 12684 3 [ipt_REDIRECT ip_nat_irc ip_nat_ftp ip_conntrack_irc ip_conntrack_ftp ipt_MASQUERADE iptable_nat]
ip_tables 10432 8 [ipt_REDIRECT ipt_LOG iptable_mangle iptable_filter ipt_MASQUERADE iptable_nat]
mousedev 3776 0 (unused)
keybdev 1664 0 (unused)
input 3072 0 [mousedev keybdev]

I was thinking maybe it was a module that wasn't loaded, so I did a 'modprobe ipt_REDIRECT' hoping that would fix it. Still got the same error though.

What am I doing wrong? Also, is it bad to have THAT many modules loaded?! Lord, that's a lot! My Gentoo box only had like 3 (5 after I installed VMware).

-ee99ee2

jumpedintothefire
09-02-2002, 09:49 PM
ipmasqadm is for ipchains..
from :

ftp://ftp.rubyriver.com/pub/jhardin/masquerade/ip_masq_vpn.html

give this a spin:

iptables -t nat -A PREROUTING -i <ethX> -p tcp --dport 1723 -j DNAT --to 192.168.1.6

iptables -t nat -A PREROUTING -i <ethX> -p 47 -j DNAT --to 192.168.1.6

replace <ethX> with your external interface.

ee99ee2
09-02-2002, 10:08 PM
Wow. That worked. That's great! Thanks.

One more question. Once I've got my iptables set up the way they need to be all the time, is there some command I can run to save them? Like, to where after I reboot it will automatically load them again so I don't have to type them in again?

-ee99ee2

jumpedintothefire
09-02-2002, 10:28 PM
I run mine from a shell script...

You may not have the init.d part in your path
try with RH anyway:

/etc/rc.d/init.d/iptables
if save is listed as an option then:
/etc/rc.d/init.d/iptables save
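
An added check, not part of the thread: the forward above only works when both the TCP 1723 rule and the protocol 47 (GRE) rule point at the same internal host, so this script reads a ruleset in `iptables-save` format and reports whether that pair survived a save or reboot. The function name `check_pptp_forward`, the sample ruleset and the interface `eth0` (standing in for `<ethX>`) are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the thread. Reads `iptables-save` output on stdin and
# checks the pair of DNAT rules discussed above: TCP port 1723 and GRE
# (IP protocol 47) must both be forwarded, and to the same internal host.
# Prints one of: "ok <host>", "missing-gre <host>", "missing-tcp <host>",
# "mismatch <tcp-host> <gre-host>", "none".
check_pptp_forward() {
    awk '
    /^\*/ { table = $1 }                 # "*nat", "*filter", ... starts a table
    table == "*nat" && $1 == "-A" && $2 == "PREROUTING" {
        proto = ""; dport = ""; target = ""; dest = ""
        for (i = 3; i <= NF; i++) {
            if ($i == "-p")      proto  = $(i + 1)
            if ($i == "--dport") dport  = $(i + 1)
            if ($i == "-j")      target = $(i + 1)
            if ($i == "--to-destination" || $i == "--to") dest = $(i + 1)
        }
        if (target != "DNAT") next
        sub(/:.*/, "", dest)             # drop an optional :port suffix
        if (proto == "tcp" && dport == "1723") tcp = dest
        if (proto == "gre" || proto == "47")   gre = dest
    }
    END {
        if (tcp == "" && gre == "") print "none"
        else if (gre == "")         print "missing-gre " tcp
        else if (tcp == "")         print "missing-tcp " gre
        else if (tcp != gre)        print "mismatch " tcp " " gre
        else                        print "ok " tcp
    }'
}

# Constructed sample in iptables-save format (eth0 is an assumed interface).
SAMPLE_RULES='*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 1723 -j DNAT --to-destination 192.168.1.6
-A PREROUTING -i eth0 -p gre -j DNAT --to-destination 192.168.1.6
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT'

printf '%s\n' "$SAMPLE_RULES" | check_pptp_forward
```

On a live box the same function can be fed with `iptables-save | check_pptp_forward` as root.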