I am trying to do something that sounds really easy : forward ports from the internet to specific machines on my lan. I do have a dynamic ip so I look thru these forums and I used the advises proposed but ... it still does not work
Here are my settings:
My wan is on eth1 and is called "wan1"
My lan is bridged from eth2-5 with eth2 master port (local ip : 192.168.6.4/24)
NAT:
0 chain=srcnat action=masquerade out-interface=wan1
1 chain=dstnat action=dst-nat to-addresses=192.168.6.101 to-ports=80
protocol=tcp in-interface=wan1 dst-port=80
2 chain=dstnat action=dst-nat to-addresses=192.168.6.101 to-ports=443
protocol=tcp in-interface=wan1 dst-port=443
FILTERS:
0 ;;; allow established
chain=input action=accept connection-state=established
1 ;;; allow related
chain=input action=accept connection-state=related
2 ;;; drop invalid traffic
chain=input action=drop connection-state=invalid
3 ;;; Allow everything from lan
chain=input action=accept in-interface=bridge
4 ;;; allow everything from lan
chain=input action=accept in-interface=ether2-local
5 ;;; SSH to router itself
chain=input action=accept protocol=tcp dst-port=22
6 ;;; drop everything else
chain=input action=drop
7 ;;; forward established traffic
chain=forward action=accept connection-state=established
8 ;;; forward related traffic
chain=forward action=accept connection-state=related
9 ;;; forward traffic from LAN to WAN
chain=forward action=accept out-interface=wan1
10 ;;; allow public services
chain=forward action=accept protocol=tcp dst-address=192.168.6.101
dst-port=80,443
11 ;;; drop everything else
chain=forward action=drop
12 ;;; drop invalid traffic
chain=forward action=drop connection-state=invalid
With these settings I can access SSH from the outside but my forwards do not work Please help me ....