OT: firewall piercing example

Renato Salles rsalles@rsnetservices.com.br
Thu Jul 3 00:09:00 2003


Yes, this is OT, somehow. I have in my iptables rulesets an entry like 
that:
/sbin/iptables -t nat -A PREROUTING -p TCP -i $INET_IFACE \
	--destination-port 5900:5990 -j DNAT --to-destination 192.168.0.1

Well, $INET_IFACE stands for my outside interface of the firewall.
When I initiate a connection, this fails with a message like no server was 
listening to that port. But there is a VNC server listening at the 
internal address (192.168.0.1).
If someone could kindly show me an example of iptables port-forwarding 
to the vnc server...


TIA,
RSalles




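An added example, not part of the original post: a DNAT rule in nat/PREROUTING only rewrites the destination, and the rewritten packet must still be routed and accepted by the filter table's FORWARD chain. The sketch below prints such a rule set for review; LAN_IFACE, ALLOWED_SRC, the interface defaults and the assumption that FORWARD does not already accept this traffic are not from the post.

```shell
#!/bin/sh
# Added example: print (do not apply) the rules a DNAT port forward needs.
# $INET_IFACE, ports 5900:5990 and 192.168.0.1 come from the post.
# LAN_IFACE, ALLOWED_SRC and the interface defaults are assumptions.

INET_IFACE="${INET_IFACE:-eth0}"         # outside interface (default assumed)
LAN_IFACE="${LAN_IFACE:-eth1}"           # inside interface (assumed)
VNC_HOST="192.168.0.1"
VNC_PORTS="5900:5990"
ALLOWED_SRC="${ALLOWED_SRC:-0.0.0.0/0}"  # narrow to the networks that need VNC

vnc_forward_rules() {
    # Unquoted heredoc: variables expand, and the output is itself a script.
    cat <<EOF
# The kernel must be allowed to route between the two interfaces.
echo 1 > /proc/sys/net/ipv4/ip_forward
# nat/PREROUTING: rewrite the destination (the rule from the post, plus -s).
/sbin/iptables -t nat -A PREROUTING -p tcp -i $INET_IFACE -s $ALLOWED_SRC --destination-port $VNC_PORTS -j DNAT --to-destination $VNC_HOST
# filter/FORWARD: after DNAT the packet is addressed to another host, so it
# traverses FORWARD (not INPUT) and is matched on the rewritten address.
/sbin/iptables -A FORWARD -p tcp -i $INET_IFACE -o $LAN_IFACE -s $ALLOWED_SRC -d $VNC_HOST --dport $VNC_PORTS -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
# Replies from the VNC server back out through the firewall.
/sbin/iptables -A FORWARD -p tcp -i $LAN_IFACE -o $INET_IFACE -s $VNC_HOST --sport $VNC_PORTS -m state --state ESTABLISHED,RELATED -j ACCEPT
EOF
}

vnc_forward_rules
```

The VNC host also needs a route back through the firewall (normally its default gateway), otherwise replies never reach the client.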