Help with Linux port forwarding?

By Giu Como - Jul. 03, 2009

I have a couple of public IP addresses and I need to forward a port for an application that will be made available to handful of internal users.

I have SSH access to the proxy server which has the public IP address and is connected to our LAN.

How would I forward the port through this box? How can I confirm what firewall is already set up on that box?


Answers

  1. By Richard Carmody on Jul. 03, 2009

    If you are using IP Tables, you should be able to see what rules you have in place. Typically this file will be at /etc/sysconfig/iptables.


    While you can directly edit the file, do note that it is generated automatically by the iptables command.


    You will need to set up NAT (network address translation) so that traffic coming in to, say, port 4000 can be routed to port 80 on a given internal 192.168 IP.


    0 Votes
  2. By George Murphy on Jul. 03, 2009

    What OS are you on? Try running system-config-firewall as root if you have xwin or GNOME or something. This will give you a GUI tool to admin your firewall on your proxy server. You can then forward traffic internally.


    0 Votes
  3. By Richard Carmody on Jul. 03, 2009

    Giu, you will have to be root to run iptables - do note.


    Also, on your proxy server, make sure you have port forwarding enabled.


    To do this:

    echo 1 > /proc/sys/net/ipv4/ip_forward


    0 Votes
  4. By Peter Brook on Jul. 03, 2009

    What you need:


    1) PREROUTING rule so that traffic coming to a particular public IP port is routed to your internal machine

    2) The ability to route from your proxy gateway

    3) DNAT the traffic from proxy to your internal machine

    4) Internal machine FILTER rules should not block the incoming traffic


    If you want simple routing (e.g. External port 80 to internal machine port 80), issue the following (as root)


    $> iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 80 -j DNAT --to


    The traffic will go to the internal server's port 80.


    restart iptables (service iptables restart) as root.


    Make sure you save your iptables via


    $> iptables-save


    HTH


    0 Votes
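    An added worked example, written for this thread and not posted by any of the answerers above: a POSIX sh script that ties together the three pieces of advice (inspecting the existing rules from answer 1, enabling ip_forward from answer 3, and the PREROUTING/DNAT/FORWARD steps from answer 4). It does not execute anything by itself; it validates its inputs and prints the exact commands so they can be reviewed before being piped to sh as root. The interface name eth0, public port 4000, internal address 192.168.1.10 and internal port 80 are constructed placeholders, not values from the question.

```shell
#!/bin/sh
# Added example (not from the original thread). Prints, rather than runs, the
# commands that implement "public IP:port -> internal host:port" forwarding.
# Placeholder values (assumptions, not from the thread): eth0, 4000,
# 192.168.1.10, 80.

# Accept a TCP port number in the range 1-65535 only.
valid_port() {
  case "$1" in
    ''|*[!0-9]*) return 1 ;;
  esac
  [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Accept a dotted-quad IPv4 address with each octet in 0-255.
valid_ipv4() {
  ip="$1"
  case "$ip" in
    ''|.*|*.|*..*) return 1 ;;
  esac
  oldifs="$IFS"; IFS=.
  set -- $ip
  IFS="$oldifs"
  [ $# -eq 4 ] || return 1
  for o in "$@"; do
    case "$o" in ''|*[!0-9]*) return 1 ;; esac
    [ "$o" -le 255 ] || return 1
  done
  return 0
}

# Commands that answer "what firewall is already on this box?" (run as root).
# Both the filter table and the nat table are listed; a DNAT rule lives in nat.
inspect_cmds() {
  cat <<'EOF'
sysctl net.ipv4.ip_forward
iptables -L -n -v --line-numbers
iptables -t nat -L -n -v --line-numbers
EOF
}

# Emit the rules for <public_if>:<public_port> -> <internal_ip>:<internal_port>.
# The PREROUTING rule rewrites the destination; the two FORWARD rules are needed
# because a DNAT alone does nothing if the FORWARD chain's policy is DROP.
# If the internal host's default gateway is not this proxy, replies bypass it and
# a POSTROUTING SNAT/MASQUERADE rule would be required as well (not emitted here).
forward_rules() {
  pub_if="$1"; pub_port="$2"; int_ip="$3"; int_port="$4"
  [ -n "$pub_if" ] || return 1
  valid_port "$pub_port" && valid_port "$int_port" && valid_ipv4 "$int_ip" || return 1
  cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -i $pub_if -p tcp --dport $pub_port -j DNAT --to-destination $int_ip:$int_port
iptables -A FORWARD -i $pub_if -p tcp -d $int_ip --dport $int_port -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -o $pub_if -p tcp -s $int_ip --sport $int_port -m state --state ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Stand-alone run: show the inspection commands, then the rule set for the
# placeholder values. Nothing is applied.
inspect_cmds
forward_rules eth0 4000 192.168.1.10 80
```

    The rules are deliberately tied to one inbound interface and one destination port, so nothing else on the proxy becomes reachable; if the application really is only for a handful of users, adding `-s <allowed source CIDR>` to the PREROUTING and first FORWARD lines narrows exposure further. Note that `iptables-save` on its own only prints the running rules to stdout; to make them survive a restart, redirect its output into /etc/sysconfig/iptables (the file answer 1 names) or, on Red Hat-family systems, run `service iptables save`.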