Iptables dnat, output, and forwarding directions???

I'm trying to allow smtp traffic from the net in and out of a local mailserver.

I seem to have lost my sense of direction with regard to input, output and forward rules when it comes to DNAT and SNAT...

eth1 is my external interface, 192.168.1.1; eth0 is internal; the mailserver is internal, 172.16.1.1.

Is the OUTPUT filter on the NAT table for traffic coming from external --> internal? Does forward have to be used in two rules when traffic is flowing through a two-interface firewall?

I thought the traffic passed like this:

--> external (DNAT) | ------------> output | ------> internal

mostro

Simple: everything that will pass through your firewall/router box will hit the FORWARD rule.

Everything that is destined for the firewall/router box is INPUT.

Everything originating from the firewall/router is OUTPUT.

DNAT and SNAT will only be used for your FORWARD rules.

As stated above, all traffic that passes through your box is a FORWARD rule set.

Robert
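The packet path the thread asks about, written out as a ruleset (an added example, not part of any post). It uses the interfaces and addresses from the question; the function name `smtp_ruleset`, the conntrack matches and the chain policies are assumptions. In the netfilter traversal order, a forwarded packet passes nat PREROUTING (where DNAT is applied), then filter FORWARD, then nat POSTROUTING (where SNAT is applied); the nat OUTPUT chain only sees packets generated on the firewall itself.

```shell
#!/bin/sh
# Added example: emits an iptables-restore ruleset for SMTP in and out of an
# internal mail server behind a two-interface firewall. Nothing is applied;
# the function only prints text. Function name and policies are assumptions.

smtp_ruleset() {
    [ $# -eq 4 ] || { echo "usage: smtp_ruleset EXT_IF EXT_IP INT_IF MAIL_IP" >&2; return 1; }
    ext_if=$1; ext_ip=$2; int_if=$3; mail_ip=$4
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Inbound: destination is rewritten BEFORE the routing decision.
-A PREROUTING -i $ext_if -d $ext_ip -p tcp --dport 25 -j DNAT --to-destination $mail_ip:25
# Outbound: source is rewritten as the packet leaves the external interface.
-A POSTROUTING -o $ext_if -s $mail_ip -p tcp --dport 25 -j SNAT --to-source $ext_ip
# No rule in nat OUTPUT: that chain is for packets created on the firewall.
COMMIT
*filter
# INPUT/OUTPUT cover traffic to and from the firewall itself and are left
# at ACCEPT here; only forwarded traffic is default-deny in this example.
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Replies in both directions ride on connection tracking.
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Internet -> mail server. FORWARD runs after DNAT, so match the INTERNAL address.
-A FORWARD -i $ext_if -o $int_if -d $mail_ip -p tcp --dport 25 -m conntrack --ctstate NEW -j ACCEPT
# Mail server -> Internet. FORWARD runs before SNAT, so the source is still internal.
-A FORWARD -i $int_if -o $ext_if -s $mail_ip -p tcp --dport 25 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Values from the question: eth1/192.168.1.1 external, eth0 internal, server 172.16.1.1.
smtp_ruleset eth1 192.168.1.1 eth0 172.16.1.1
```

Piping the output to `iptables-restore --test` as root parses the ruleset without committing it. Forwarding between the interfaces also requires `net.ipv4.ip_forward=1`.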

Thank you.

---------------------

mostro
