[wplug] iptables, port forwarding and vnc.

John Harrold jmh17 at pitt.edu
Wed Mar 3 20:43:04 EST 2004 

i'm trying to forward ports on our gateway running linux to the windows
machine so that someone running vnc from the outside can use it. 


   External Interface:  eth0
      Internal Interface:  eth1
      

 PSERVER="123.123.123.123"     #external interface eth0
 PGW="192.168.0.1"             #internal interface eth1
 LOCNET="192.168.0.0/24"       
 WINDOWS="192.168.0.3"         #windows machine


 # so i have the following to forward ports 5800 and 5900 which i read vnc uses
 # i read that the following would forward the ports i need.

 $IPTABLES -t nat -A PREROUTING -i eth0 -p tcp --sport 1024:65535 -d  $PSERVER --dport 5800 -j DNAT --to-destination $WINDOWS:5800
 $IPTABLES -A FORWARD -i eth0 -o eth1 -p tcp --sport 1024:65535 -d $WINDOWS --dport 5800 -m state --state NEW -j ACCEPT
 $IPTABLES -t nat -A PREROUTING -i eth0 -p tcp --sport 1024:65535 -d  $PSERVER --dport 5900 -j DNAT --to-destination $WINDOWS:5900
 $IPTABLES -A FORWARD -i eth0 -o eth1 -p tcp --sport 1024:65535 -d $WINDOWS --dport 5900 -m state --state NEW -j ACCEPT

 this doesn't seem to be working, since i'm not too swift at this kind of
 thing does anyone see any problems with this?


-- 
--------------------------------------------------------------------------
                                               | /"\
 john harrold                                  | \ / ASCII ribbon campaign
      jmh at member.fsf.org                    |  X  against HTML mail
           the most useful idiot               | / \
--------------------------------------------------------------------------
 What difference does it make to the dead, the orphans, and the homeless,
 whether the mad destruction is brought under the name of totalitarianism or
 the holy name of liberty and democracy?
 --Gandhi
--------------------------------------------------------------------------
gpg --keyserver keys.indymedia.org --recv-key F65A739E
--------------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://penguin.wplug.org/pipermail/wplug/attachments/20040303/47a83619/attachment-0001.bin

More information about the wplug mailing list