Doesn't work with iptables. What could be wrong?

S

Suenoroco2015-01-02 18:54:28

ubuntu

Suenoroco, 2015-01-02 18:54:28

Good afternoon.
The situation is extremely noob, most likely I am missing some nuances, since I have not worked with this before.
I decided to put my home media server on the Internet during the holidays.
DynDNS and the purchase of a white IP have disappeared. I remembered about the VDS server on Ubuntu.
I quickly picked up pptpd on it, connected my home server to it via VPN.
Packets between machines go.
I tried to forward ports, registered iptables and rebooted (192.168.10.100 - home server)
iptables -t nat -A PREROUTING -p tcp -d 185.*.*.* --dport 61234 -j DNAT --to-destination 192.168.10.100 :3389
iptables -t nat -A POSTROUTING -p tcp --dst `192.168.10.100 --dport 3389 -j SNAT --to-source 185.*.*.*
Everything seems to be correct. But RDP does not connect. The firewall rules on the home machine are fine.
In which direction should you dig?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

N

Nadz Goldman, 2015-01-03
@Suenoroco

iptables -t nat -A PREROUTING -p tcp -d 185.*.*.*  --dport 61234-j DNAT --to-destination 192.168.10.100:3389
iptables -A FORWARD -p tcp --dport 3389 -j ACCEPT

You do crap with the second rule, because

PACKET IN
    |
PREROUTING--[routing]-->--FORWARD-->--POSTROUTING-->--OUT
 - nat (dst)   |           - filter      - nat (src)
               |                            |
               |                            |
              INPUT                       OUTPUT
              - filter                    - nat (dst)
               |                          - filter
               |                            |
               `----->-----[app]----->------'