Routing/NAT

Hello!

I have downloaded "Yacy" and configured a port forwarding:


-A FORWARD -d 10.0.0.15 -i ppp0 -o eth0 -p tcp -m tcp --dport 4000 -j ACCEPT

-A PREROUTING -i ppp0 -p tcp -m tcp --dport 4000 -j DNAT
--to-destination 10.0.0.15:4000


Routes:
Ziel Router Genmask Flags Metric Ref Use Iface
217.0.118.100 * 255.255.255.255 UH 0 0 0 ppp0
localnet * 255.255.255.0 U 0 0 0 eth0
default * 0.0.0.0 U 0 0 0 ppp0

All is working, but requests from the inside network to the outside
port forwarding (ppp0) seems to go to the local router address.
The yacy application tries to reach it self on the public internet
address, this is a problem.

Hello,

Markus Schmitt a écrit :
>
> I have downloaded "Yacy" and configured a port forwarding:
>
> -A FORWARD -d 10.0.0.15 -i ppp0 -o eth0 -p tcp -m tcp --dport 4000 -j
> ACCEPT
>
> -A PREROUTING -i ppp0 -p tcp -m tcp --dport 4000 -j DNAT
> --to-destination 10.0.0.15:4000
[...]
> All is working, but requests from the inside network to the outside port
> forwarding (ppp0) seems to go to the local router address.

Your DNAT rule in nat/PREROUTING matches only packets received on ppp0,
whereas packets from the inside network arrive on eth0. You need to
either remove "-i ppp0" from that rule or add a similar rule with "-i eth0".

You also need to make sure traffic in FORWARDING from eth0 to eth0 is
accepted. Finally you need to add a rule in nat/POSTROUTING which SNATs
packets forwarded from eth0 to eth0, else it won't work :

iptables -t nat -A POSTROUTING -o eth0 -s 10.0.0.0/24 -d 10.0.0.15 \
-p tcp --dport 4000 -j SNAT --to $eth0_ip_address