DNAT? Port forwarding on linux firewall

[charleshagen]

I have been told that rebuilding my kernel for DNAT is what I need to port forward to other servers inside my network.

Can someone guide me on this?

I have a RedHat 9 server acting as a firewall with a firewall script. When I try to forward port 80 to another server it fails. Someone said I need to rebuild my kernel to allow for DNAT.

Any ideas? Can someone instruct me on this?

Charles

 

[thedaver]

RedHat's stock kernel should be fine.
Please describe a little more detail on what you're trying to do. We'll be happy to help out if we understand the issue better.

http://www.surfinbox.com/hosting/

 

[charleshagen]

I am trying to use RH9 as a router. I need to DNAT with IPTables script I have. It will not let me do so. Says my kernel does not support DNAT.

Sincerely,

Charles

 

[thedaver]

WHAT ARE YOU TRYING TO ACCOMPLISH?! You haven't posted any script examples, no error codes or responses and you haven't given any port mapping examples.

Unless I'm godawful stupid, I cannot see how anyone here could help you until you do so.

http://www.surfinbox.com/hosting/

 

[ericbrunson]

iptables and subsequently dnat requires kernel modules to be loaded. Here's what my RH9 fw has:

[root@wan root]# lsmod | grep ip
ipt_LOG                 4120   2  (autoclean)
ipt_state               1048  34  (autoclean)
ipt_MASQUERADE          2072   1  (autoclean)
ipt_multiport           1144   3  (autoclean)
iptable_nat            20568   1  (autoclean) [ipt_MASQUERADE]
ip_conntrack           26120   2  (autoclean) [ipt_state ipt_MASQUERADE iptable_nat]
iptable_mangle          2712   0  (autoclean) (unused)
iptable_filter          2348   1  (autoclean)
ip_tables              14488   9  [ipt_LOG ipt_state ipt_MASQUERADE ipt_multiport iptable_nat iptable_mangle iptable_filter]

If you don't have ip_tables and iptable_nat loaded, you'll probably have problems. Mine get loaded automatically.