Ask Your Question
0

port forwarding with kernel 3.3.0 not working

asked 2012-04-02 04:49:33 -0500

paulmount gravatar image

updated 2013-06-07 06:45:37 -0500

I'm trying to setup a Intel Core-7i box newly with fedora16_64. Everything works fine but nat-ing doesn't work. Seems that kernel 3.3.0 has changed: The same iptables works with a fedora15 box with kernel 2.6.

Is it a bug? Seems that kernel 3.3 doesn't do any port forwarding that is defined in the nat table?

Please see my list output of iptables (is there a mistake?):

[root]# iptables -t nat -L

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
DNAT       tcp  --  anywhere             anywhere             tcp dpt:http mark match 0x64 to::8089

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
MASQUERADE  all  --  anywhere             anywhere            

[root]# iptables -L

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:8089 mark match 0x64
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:8089
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Very thanks to any suggestion. Paul from the mountain

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2012-04-02 11:15:56 -0500

WyoHam gravatar image

Just a SWAG, as you don't mention it. Running the 3.3 kernel - what does:

cat /proc/sys/net/ipv4/ip_forward

show?

edit flag offensive delete link more

Question Tools

Stats

Asked: 2012-04-02 04:49:33 -0500

Seen: 532 times

Last updated: Jun 07 '13