Iptables forwarding local port ?

Ennek igy szerintem nem sok ertelme van.

Az iptables csak forwardban ertelmezi a SNAT DNATot, ha jol tudom, a local ertelmezeshez kulon patch kell.

En a helyedben, ha megoldhato inkabb tcp csatornat probalnek kialakitani a ket fel kozott.

man iptables :twisted:

DNAT
This target is only valid in the nat table, in the PREROUTING and OUTPUT chains, and user-defined chains which are only called from those chains.

The tables are as follows: filter This is the default table, and contains the built-in chains INPUT (for packets coming into the box itself), FORWARD (for packets being routed through the box), and OUTPUT (for locally-generated packets). nat This table is consulted when a packet which is creates a new connection is encountered. It consists of three built-ins: PREROUTING (for altering packets as soon as they come in), OUTPUT (for altering locally-generated packets before routing), and POSTROUTING (for altering packets as they are about to go out). mangle This table is used for specialized packet alteration. It has two built-in chains: PREROUTING (for altering incoming packets before routing) and OUTPUT (for altering locally-generated packets before routing).

[quote:ba3b557032="borneoo"]Udv

Iptables fort forward:
Az a problemam, hogy ha arrol a geprol nezem ahol az iptables fut
pl (telnet $LOCAL_IP 5900) akkor nem mukodik
ha pedig egy harmadik geprol nezem akkor minden ok

Tudja valaki,hogy hogyan kell ezt megoldani,hogy a helyi geprol nezve
is mukodjon a port forward?

Koszonet
Anti

------------------
# Redirect port 5900
iptables -t nat -A PREROUTING -p tcp -d $LOCAL_IP --dport 5900 -j DNAT --to $MASIK_HOST_IP:5900

iptables -t nat -A POSTROUTING -o eth0 -p tcp -d $MASIK_HOST_IP --dport 5900 -j MASQUERADE

Mivel helyi gépről nézve NEM az eth0-n közlekedsz nem fog menni a portfw. Javaslom a lo iface-re egy hasonló szabály felállítását