Arlukin

Asked: 2011-06-20 00:41:54 +0800 CST2011-06-20 00:41:54 +0800 CST 2011-06-20 00:41:54 +0800 CST

iptables - Forward back to dmz from dmz

I have a firewall with two network cards. From internet it's possible to access the external-ip and then be forwarded to an internal server. But when on the DMZ and accessing the external-ip, I'm not forwarded back into the internal server.

I guess this is the rules that are relevant to this question. Shouldn't they be enough.

$IPTABLES -t nat -A PREROUTING -p TCP -d $MAIL_IP --dport 122 -j DNAT --to-destination $DMZ_MAIL_IP:22

$IPTABLES -A FORWARD -p TCP  -o $DMZ_IFACE -d $DMZ_MAIL_IP -m multiport --dports 122 -j allowed

I have lot's of other rules, and infact two other network cards, just isolating the question here.

SOLUTION:

I had a to restrictive SNAT rule.

Something like this solved the problem. iptables -t nat -I POSTROUTING -s $INTERNAL_CLIENT -j SNAT --to-source $MAIL_IP

iptables - Forward back to dmz from dmz

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

iptables - Forward back to dmz from dmz

0 Answers