[wplug] Port Forwarding assistance to port 443

Albert Whale aewhale at ABS-CompTech.com
Fri Oct 31 07:27:07 EST 2003


I am using Linux Mandrake and running the Bastille-firewall project, 
and until now have been quite pleased with the flexibility and 
functionality of the tools. 

Now I need to forward the public address (port 443 - https) to an 
internal machine, however the portforward.sh tool attempts to make two 
additions to the iptables rules, of which only one works.

/sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d 0.0.0.0/0 --dport 443 -j DNAT --to 192.168.99.247:443
/sbin/iptables -A FORWARD -p tcp -i eth0 -d 192.168.99.247 --dport 443 -j ACCEPT

The problem is that there is no Chain named PREROUTING in the bastille 
project (even though the tool references it, I know, don't go there).

Here are the valid chains:

 iptables -nL | grep Chain
Chain INPUT (policy DROP)
Chain FORWARD (policy DROP)
Chain OUTPUT (policy ACCEPT)
Chain INT_IN (1 references)
Chain INT_OUT (1 references)
Chain PAROLE (28 references)
Chain PUB_IN (2 references)
Chain PUB_OUT (2 references)

My question is, what rule or chain do I need to add to the iptables 
configuration to promote the forwarding of port 443 to the internal network?

-- 
Albert E. Whale, CISSP - Sr. Security, Network, and Systems Consultant
--------------------------------------------------------------------------------
http://www.abs-comptech.com & http://www.No-JunkMail.com 
ABS Computer Technology, Inc. - ESM, Computer & Networking Specialists
SPAM Zapper - www.No-JunkMail.com - SPAM Stops Here.
Founding Board of Directors of Pittsburgh FBI - InfraGard
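
Added example, not part of the original message: a Python check over constructed iptables-save-style text that records which table each chain belongs to and reports DNAT targets that have no FORWARD ACCEPT rule for the translated host and port. The sample ruleset and the function names parse_save and unmatched_dnat are assumptions.

```python
import shlex

# Constructed sample in iptables-save format; chains are grouped per table (*nat, *filter).
SAMPLE = """\
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j DNAT --to-destination 192.168.99.247:443
-A PREROUTING -i eth0 -p tcp -m tcp --dport 8443 -j DNAT --to-destination 192.168.99.248:443
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
-A FORWARD -d 192.168.99.247/32 -i eth0 -p tcp -m tcp --dport 443 -j ACCEPT
COMMIT
"""

def parse_save(text):
    """Return {table: {"chains": [names], "rules": [(chain, {option: value})]}}."""
    tables, cur = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("*"):
            cur = tables.setdefault(line[1:], {"chains": [], "rules": []})
        elif line.startswith(":") and cur is not None:
            cur["chains"].append(line[1:].split()[0])
        elif line.startswith("-A ") and cur is not None:
            tok = shlex.split(line)
            # Pair each option with the token after it ("!" negation is not handled).
            opts = {tok[i]: tok[i + 1] for i in range(2, len(tok) - 1) if tok[i].startswith("-")}
            cur["rules"].append((tok[1], opts))
    return tables

def unmatched_dnat(text):
    """DNAT targets in nat/PREROUTING lacking a FORWARD ACCEPT for that exact host and port."""
    tables = parse_save(text)
    allowed = set()
    for chain, o in tables.get("filter", {}).get("rules", []):
        if chain == "FORWARD" and o.get("-j") == "ACCEPT" and "-d" in o:
            allowed.add((o["-d"].split("/")[0], o.get("--dport")))  # host match only
    missing = []
    for chain, o in tables.get("nat", {}).get("rules", []):
        if chain == "PREROUTING" and o.get("-j") == "DNAT":
            # FORWARD sees the packet after DNAT, so compare the translated host and port.
            host, _, port = o.get("--to-destination", "").partition(":")
            if (host, port or o.get("--dport")) not in allowed:
                missing.append((host, port or o.get("--dport")))
    return missing

if __name__ == "__main__":
    print(unmatched_dnat(SAMPLE))
```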




