|
Simple iptable rules
I need help with iptable
I have a fedora8 server doing squid proxy and firewall with few computer in the network
the clients can go to the internet with no problem the problem that I have is, I can not make anybody see my web page from the internet. I just need a simple comfiguration to fordward the port 80, 443 and 25 to my internal server. My iptable comfigurationis this
I have to ethernet
eth0 is internal network
eth1 is external network
# Generated by iptables-save v1.3.8 on Sun Dec 16 23:46:10 2007
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth1 -j MASQUERADE
# Forward HTTP connections to Squid proxy
-A PREROUTING -p tcp -m tcp -i eth0 --dport 80 -j REDIRECT --to-ports 3128
-A PREROUTING -p tcp -m tcp -i eth1 --dport 80 -j DNAT --to-destination 192.168.0.20:80
-A PREROUTING -p tcp -m tcp -i eth1 --dport 443 -j DNAT --to-destination 192.168.0.20:443
COMMIT
# Completed on Sun Dec 16 23:46:10 2007
# Generated by iptables-save v1.3.8 on Sun Dec 16 23:46:10 2007
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
# Completed on Sun Dec 16 23:46:10 2007
# Generated by iptables-save v1.3.8 on Sun Dec 16 23:46:10 2007
*filter
:FORWARD ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -p tcp -m tcp -m state -i eth1 --dport 80 --state NEW -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
# Completed on Sun Dec 16 23:46:10 2007
I've been looking for any help in the internet but I and not able to find nothing please if somebody can give me so clue what a am doing wrong, I will apriciate it.
|
