Subject Re: [firebird-support] iptables and port forwarding
Author Alexandre Benson Smith
On Fri, 16 Jul 2004 07:57:57 -0000, "yann_riviere" <yann_riviere@...> escreveu:

> De: "yann_riviere" <yann_riviere@...>
> Data: Fri, 16 Jul 2004 07:57:57 -0000
> Para:
> Assunto: [firebird-support] iptables and port forwarding
> Hello,
> Im trying to access to my firebird server (under linux)
> throught an iptables firewall (
> I try this rule :
> iptables -A PREROUTING -t nat -p tcp -d --dport 3050 -j
> DNAT --to
> No success...
> Can anyone help me?
> Thanks
> Yann

Hi, Yann

try this one
# FB
$IPTABLES -A FORWARD -i eth0 -o eth1 -p tcp --dport 3050 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

$IPTABLES -A PREROUTING -t nat -p tcp -d --dport 3050 -j DNAT --to

In this example I assume that:
eth0 is your external interface
eth1 is your internal interface is your external ip address (the network address is used for private lan, and are not routable on the internet, don't know if you just put this address as a sample or if you have a firewall between 2 local lans) is the ip address of your FB server

Works like a charm :-) But you expose your FB server to the wild world, maybe you want to permit it just for some address, or use a tunelling (ssh or zebedee, zebedee is very very simple to use) to make it a bit more secure.


Alexandre Benson Smith
THOR Software e Comercial Ltda.
Santo Andre - Sao Paulo - Brazil