 the cerberus
join:2007-10-16 Richmond Hill, ON
| Bonded internet router problem
OK, I have built a new bonding router and installed Gentoo on it following the handbook, then followed the home router guide they have. The bonded internet works great on the client computers but the ports refuse to forward! I have tried IRC rooms but have had no luck; I was hoping maybe I'd get some help here. Here are my NAT tables.
|
|
 DSL_Ricer Premium join:2007-07-22
| said by the cerberus : the bonded internet works great on the client computers but the ports refuse to forward!
Instead of supplying a DNAT port range, give it none, but give a destination port filter (-m tcp --destination-port port[:port] )
If that doesn't work, could you please post your iptables rules? (the input commands, not the resultant output) |
|
 the cerberus
join:2007-10-16 Richmond Hill, ON
| Sorry, I can't figure out the syntax of the command you're suggesting.
I've tried
but it's wrong
Here's my /var/lib/iptables/rules-save
|
|
 DSL_Ricer Premium join:2007-07-22
1 edit | said by the cerberus : I've tried but it's wrong
Almost:
(edit: -j, not -J) |
|
 the cerberus
join:2007-10-16 Richmond Hill, ON
2 edits | using -m tcp gives me
iptables: Invalid argument
The same command with -p tcp (and, to note, lowercase "-j DNAT", though this is probably a typo) works; --to-destination doesn't, only --to
»www.utorrent.com/testport.php?port=
still says the port is closed.
Is there something I must compile in my kernel for -m tcp? |
|
 DSL_Ricer Premium join:2007-07-22
| said by the cerberus : using -m tcp gives me iptables: Invalid argument
Oh right.
By the way, whenever you see that error, type: dmesg | tail
That will give you the real error message. |
|
 the cerberus
join:2007-10-16 Richmond Hill, ON
1 edit | Thanks, that will help a lot with debugging.
Still no luck, the port forwarding check says it's not forwarded.
If I telnet to my dd-wrt router I can see its iptables
it has something like
What does this do? And do I want it on this router? |
|
 DSL_Ricer Premium join:2007-07-22
| Would you happen to know how to use "tcpdump"? I'd suggest you try to use it to see if the packets are being properly forwarded and replied to. |
|
 the cerberus
join:2007-10-16 Richmond Hill, ON
| All right, I found something
|
|
 DSL_Ricer Premium join:2007-07-22
| said by the cerberus : All right, I found something
[code] tcpdump | grep 2014 [/code]
In the future, use "tcpdump -n -i <dev> port 2014", where dev is the device you want to listen to.
said by the cerberus :
[code] 19:59:50.559499 IP utorrent.com.54161 > 192.168.0.187.2014: S 1359064502:1359064502(0) win 5840 [/code]
It looks like your rule is working just fine. Windows isn't replying to it. Check your firewall settings.
said by the cerberus :
[code] 804 packets dropped by kernel [/code]
An awful lot of dropped packets. The -n option should help with that. |
|
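The check made in the reply above (a SYN reaches 192.168.0.187 port 2014 on the LAN side, so the forward is working and the host is the one not answering) can be scripted over tcpdump's text output. This is an added example, not part of the original thread; the function name diagnose_forward, the result labels and the sample captures (203.0.113.10 stands in for the port tester) are constructed for illustration.

```shell
#!/bin/sh
# Classify a tcpdump text capture taken on the router's LAN interface.
# Live use (stops after 20 packets so awk reaches END):
#   tcpdump -n -i <dev> -c 20 port 2014 | diagnose_forward 192.168.0.187 2014
# Results:
#   no-syn        no SYN reached host:port -> look at the DNAT/FORWARD rules
#   syn-no-reply  SYN was forwarded, host silent -> check the host's firewall
#   rst           host answered RST -> nothing is listening on that port
#   ok            host answered SYN-ACK -> the forward works end to end
diagnose_forward() {
    awk -v host="$1" -v port="$2" '
        # Normalise TCP flags: new output prints "Flags [S.],", old output
        # prints a bare "S" and marks the ACK bit with a later "ack N".
        function flags(   f) {
            if ($6 == "Flags") { f = $7; gsub(/[^A-Za-z.]/, "", f); return f }
            f = $6
            if ($0 ~ / ack /) f = f "."
            return f
        }
        $2 == "IP" && $4 == ">" {
            ep = host "." port                 # tcpdump writes addr.port
            dst = $5; sub(/:$/, "", dst)       # strip the trailing colon
            f = flags()
            if (dst == ep && f == "S") syn++
            if ($3 == ep && f == "S.") synack++
            if ($3 == ep && f ~ /R/) rst++
        }
        END {
            if (!syn) print "no-syn"
            else if (synack) print "ok"
            else if (rst) print "rst"
            else print "syn-no-reply"
        }'
}

# Constructed sample captures (203.0.113.10 is a documentation address).
SAMPLE_BLOCKED='19:59:50.559499 IP 203.0.113.10.54161 > 192.168.0.187.2014: S 1359064502:1359064502(0) win 5840
19:59:53.559012 IP 203.0.113.10.54161 > 192.168.0.187.2014: S 1359064502:1359064502(0) win 5840'
SAMPLE_OPEN='20:14:02.100001 IP 203.0.113.10.54200 > 192.168.0.187.2014: Flags [S], seq 100, win 5840, length 0
20:14:02.100450 IP 192.168.0.187.2014 > 203.0.113.10.54200: Flags [S.], seq 900, ack 101, win 65535, length 0'

printf '%s\n' "$SAMPLE_BLOCKED" | diagnose_forward 192.168.0.187 2014
printf '%s\n' "$SAMPLE_OPEN" | diagnose_forward 192.168.0.187 2014
```

Run it against a capture from the LAN-facing interface; a capture from the WAN side shows the packet before DNAT and will not match the internal address.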
 the cerberus
join:2007-10-16 Richmond Hill, ON
2 edits | Yep, I think it was the firewall. Turned off the one in Windows, then decided to flush my iptables and write them again with the save log I had, because I had been playing around with iptables and totally screwed it up. I compared my current save with my old one, deleted and added appropriate rules, then added and it just worked :) |
|
  Angelo_ The Network Guy Premium join:2002-06-18
| Good to hear you got it working, I'm debating setting this up in the next few weeks also. |
|