Answer the question
In order to leave comments, you need to log in
A
A
Anton2014-08-16 18:10:36
Anton, 2014-08-16 18:10:36
How to forward ports from debian ovpn server for client e2k and torrent?
VPS server on Debian with OVPN. On my machine, having connected to vpn, I specify ports 40001 for tcp and 40002 for udp in eDonkey, port
40001
in
uTorrent
.
iptables -t nat -A PREROUTING --dst 82.146.34.95 -p tcp --dport 40001 -j DNAT --to-destination 10.8.0.14
iptables -I FORWARD 1 -i eth0 -o tun0 -d 10.8.0.14 -p tcp -m tcp --dport 40001 -j ACCEPT
iptables -t nat -A PREROUTING --dst 82.146.34.95 -p udp --dport 400021 -j DNAT --to-destination 10.8.0.14
iptables -I FORWARD 1 -i eth0 -o tun0 -d 10.8.0.14 -p udp -m udp --dport 40002 -j ACCEPTOutput of sudo iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DNAT tcp -- anywhere cascade.fvds.ru tcp dpt:40001 to:10.8.0.14
DNAT udp -- anywhere cascade.fvds.ru udp dpt:6805 to:10.8.0.14
DNAT udp -- anywhere cascade.fvds.ru udp dpt:6805 to:10.8.0.14
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 10.8.0.0/24 anywhereI installed linux-igd, in the settings EXTIFACE=eth0 and INTIFACE=tun0, I start the service, I watch the output of sudo iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DNAT tcp -- anywhere cascade.fvds.ru tcp dpt:40001 to:10.8.0.14
DNAT udp -- anywhere cascade.fvds.ru udp dpt:6805 to:10.8.0.14
DNAT udp -- anywhere cascade.fvds.ru udp dpt:6805 to:10.8.0.14
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 10.8.0.0/24 anywhereIn eDonkey and uTorrent I set "UPnP port settings". Does not work.
Output of sudo iptables-save
# Generated by iptables-save v1.4.14 on Sat Aug 16 19:09:54 2014
*mangle
:PREROUTING ACCEPT [867129:750867485]
:INPUT ACCEPT [355813:364291418]
:FORWARD ACCEPT [511316:386576067]
:OUTPUT ACCEPT [272721:81309050]
:POSTROUTING ACCEPT [784077:467905221]
COMMIT
# Completed on Sat Aug 16 19:09:54 2014
# Generated by iptables-save v1.4.14 on Sat Aug 16 19:09:54 2014
*filter
:INPUT ACCEPT [355816:364291594]
:FORWARD ACCEPT [503874:386189171]
:OUTPUT ACCEPT [272732:81310118]
:ispmgr_allow_ip - [0:0]
:ispmgr_allow_sub - [0:0]
:ispmgr_deny_ip - [0:0]
:ispmgr_deny_sub - [0:0]
-A INPUT -j ispmgr_deny_ip
-A INPUT -j ispmgr_allow_ip
-A INPUT -j ispmgr_allow_sub
-A INPUT -j ispmgr_deny_sub
-A FORWARD -d 10.8.0.14/32 -i eth0 -o tun0 -p udp -m udp --dport 40002 -j ACCEPT
-A FORWARD -d 10.8.0.14/32 -i eth0 -o tun0 -p tcp -m tcp --dport 40001 -j ACCEPT
COMMIT
# Completed on Sat Aug 16 19:09:54 2014
# Generated by iptables-save v1.4.14 on Sat Aug 16 19:09:54 2014
*nat
:PREROUTING ACCEPT [33768:2570979]
:INPUT ACCEPT [13924:819990]
:OUTPUT ACCEPT [498:43239]
:POSTROUTING ACCEPT [2465:149867]
-A PREROUTING -d 82.146.34.95/32 -p tcp -m tcp --dport 40001 -j DNAT --to-destination 10.8.0.14
-A PREROUTING -d 82.146.34.95/32 -p udp -m udp --dport 6805 -j DNAT --to-destination 10.8.0.14
-A PREROUTING -d 82.146.34.95/32 -p udp -m udp --dport 6805 -j DNAT --to-destination 10.8.0.14
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
COMMIT
# Completed on Sat Aug 16 19:09:54 2014What to do?
Similar questions
D
H
A
S
severniyvolk2014-07-25 07:29:09
Is it possible to redirect from Apache to an OpenVpn address?
2Reply
M
mirus2014-07-25 22:17:26
How to make ToS marking and further route such packets over the network?
1Reply
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question