Good afternoon guys.
I’ve got a problem on my SUSE 11.1 server with NAT loopback.
eth0 goes to the DSL modem and gives me a public IP, and eth1 has got a private IP, 10.0.0.138.
There’s a Windows 2003 server running DHCP on 10.0.0.10, and at this moment there is an httpd running on 10.0.0.4.
The problem is that when I try to reach the webserver by DomainName.com it doesn’t loop back to 10.0.0.4 but hangs on the public IP.
I’ve got some simple iptables rules running to route the internal NIC to the external NIC, and that all works fine.
What am I doing wrong here?
# Delete and flush. Default table is "filter". Others like "nat" must be explicitly stated.
iptables --flush
iptables --table nat --flush
iptables --delete-chain
# Delete all chains that are not in default filter and nat table
iptables --table nat --delete-chain
# Set up IP FORWARDing and Masquerading
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface eth1 -j ACCEPT
# Enables packet forwarding by kernel
echo 1 > /proc/sys/net/ipv4/ip_forward
# Forward ports to other IP addresses
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0.4:80
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 20 -j DNAT --to-destination 10.0.0.4:20
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 20 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 21 -j DNAT --to-destination 10.0.0.4:21
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 21 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 25 -j DNAT --to-destination 10.0.0.4:25
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 25 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 110 -j DNAT --to-destination 10.0.0.4:110
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 110 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 1723 -j DNAT --to-destination 10.0.0.10:1723
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 1723 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 81 -j DNAT --to-destination 10.0.0.10:81
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 81 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j DNAT --to-destination 10.0.0.4:443
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 443 -j ACCEPT
#these rules are for NAT loopback (but don’t work)
iptables -t nat -A INPUT -i lo -d 10.0.0.138 -j DNAT --to 10.0.0.4
iptables -t nat -A OUTPUT -o lo -d 10.0.0.138 -j DNAT --to 10.0.0.4
And this is where I’m stuck at the moment. I worked with ipchains about 8 years ago and now I’ve started playing with SUSE again after all those years, so I really hope you can shine some light on this problem.
Jamie
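
The port-forward rules in the post match only packets arriving on eth0, while a LAN client that opens the public address reaches the router on eth1. The following is an added example, not part of the original post: a generator that prints (without applying) the two hairpin-NAT rules needed per port. Assumptions: `203.0.113.10` is a placeholder for the public IP on eth0, the LAN is taken to be `10.0.0.0/24`, and `hairpin_rules` is a hypothetical helper name.

```shell
#!/bin/sh
# Added example: prints hairpin-NAT (NAT loopback) rules, it does not apply them.
# Assumed values: 203.0.113.10 is a placeholder for the public IP on eth0,
# and the LAN is assumed to be 10.0.0.0/24 (the post does not give the mask).

# usage: hairpin_rules PUBLIC_IP LAN_IF LAN_NET ROUTER_LAN_IP SERVER PORT...
hairpin_rules() {
    if [ "$#" -lt 6 ]; then
        echo "usage: hairpin_rules PUBLIC_IP LAN_IF LAN_NET ROUTER_LAN_IP SERVER PORT..." >&2
        return 2
    fi
    public_ip=$1 lan_if=$2 lan_net=$3 router_ip=$4 server=$5
    shift 5

    # Validate every port first so a bad argument yields no partial rule set.
    for port in "$@"; do
        case $port in
            ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "port out of range: $port" >&2; return 1
        fi
    done

    for port in "$@"; do
        # 1. DNAT for traffic that enters on the LAN interface but targets the
        #    public address; rules bound to "-i eth0" never see these packets.
        echo "iptables -t nat -A PREROUTING -i $lan_if -s $lan_net -d $public_ip -p tcp --dport $port -j DNAT --to-destination $server:$port"
        # 2. SNAT to the router's LAN address so the server replies through the
        #    router; otherwise it answers the client directly from its private
        #    address and the client drops the unexpected reply.
        echo "iptables -t nat -A POSTROUTING -o $lan_if -s $lan_net -d $server -p tcp --dport $port -j SNAT --to-source $router_ip"
    done
    # Forwarding itself is already allowed by the post's
    # "FORWARD --in-interface eth1 -j ACCEPT" rule.
}

# Web ports forwarded to 10.0.0.4 in the post; review the output before applying.
hairpin_rules 203.0.113.10 eth1 10.0.0.0/24 10.0.0.138 10.0.0.4 80 443
```

With the SNAT rule in place the web server logs 10.0.0.138 as the client address for every internal visitor, so internal requests can no longer be told apart by source IP on the server.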