› Forums › Network Management › ZeroShell › Port Mapping / Forwarding
- This topic is empty.
-
AuthorPosts
-
April 8, 2010 at 9:02 pm #42337
megabit
MemberAll,
I’ve be using ZS for a few weeks and I’m very impressed with it’s features. I have worked out most om my issues but a few things still elude me.I can’t seem to get the System> Router> Virtual Server to work for me, I may be trying make it do what it isn’t supposed to or just plain doing it wrong.
What I have is ZS configured as Captive Portal with NAT enabled. I have several Wireless Access Points (WAPs) connected on the LAN side (ETH00) (192.168.1.1) via an 8 port switch.
The WAN side (ETH01) (69.xxx.70.1) interface is connected to a router to the ISP.
The WAPs are manageable via HTTP interface using port 80. Each WAP has a unique IP within the LAN subnet. I need to manage these WAPs from 200 miles away.
I am trying to map ETH01 69.xxx.70.1 port 60001 to WAP 192.168.1.201 port 80.
This way in my browser I enter http://69.xxx.70.1:60001 and connected to the WAP with the IP of 192.168.1.201.
If ZS can’t do this then is there some other way to do it outside of ZS?
I am running ZS on a hard drive no CD or flash
Thanks,
Megabit
April 8, 2010 at 9:39 pm #50078ppalias
MemberCould you paste here the output of commands
iptables -L -v
iptables -t nat -L -vApril 9, 2010 at 11:50 pm #50079megabit
MemberPpalias,
Here is the entry in the Virtual Server tab first then the iptables print outs.Thanks for any help
MegabitInterface/IP address Protocol Local Port Real Servers
ETH01 / ANY TCP 60001 192.168.1.222:80
root@zeroshell root> iptables -L -v
Chain INPUT (policy ACCEPT 7524 packets, 1278K bytes)
pkts bytes target prot opt in out source destination
28196 3835K SYS_INPUT all — any any anywhere anywhere
28 3227 SYS_HTTPS tcp — any any anywhere anywhere tcp dpt:http
10347 1350K SYS_HTTPS tcp — any any anywhere anywhere tcp dpt:https
361 24380 SYS_SSH tcp — any any anywhere anywhere tcp dpt:sshChain FORWARD (policy ACCEPT 223K packets, 82M bytes)
pkts bytes target prot opt in out source destination
4577 1807K CapPort all — any any anywhere anywhereChain OUTPUT (policy ACCEPT 21195 packets, 6924K bytes)
pkts bytes target prot opt in out source destination
29687 7648K SYS_OUTPUT all — any any anywhere anywhereChain CapPort (1 references)
pkts bytes target prot opt in out source destination
2104 411K CapPortACL all — ETH00 any anywhere anywhereChain CapPortACL (1 references)
pkts bytes target prot opt in out source destination
2104 411K CapPortFS all — any any anywhere anywhere
1923 399K CapPortFC all — any any anywhere anywhere
1923 399K CapPortWL all — any any anywhere anywhere
4 424 DROP all — any any anywhere anywhereChain CapPortFC (1 references)
pkts bytes target prot opt in out source destinationChain CapPortFS (1 references)
pkts bytes target prot opt in out source destination
181 11720 ACCEPT udp — any any anywhere anywhere udp dpt:domain
0 0 ACCEPT udp — any any anywhere anywhere udp dpt:bootps
0 0 ACCEPT tcp — any any anywhere 192.168.1.1 tcp dpt:http
0 0 ACCEPT tcp — any any anywhere 192.168.1.1 tcp dpt:httpsChain CapPortWL (1 references)
pkts bytes target prot opt in out source destination
1754 343K ACCEPT all — any any 192.168.1.11 anywhere MAC 00:17:A4:D2:18:9CChain NetBalancer (0 references)
pkts bytes target prot opt in out source destinationChain SYS_HTTPS (2 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all — lo any anywhere anywhere
10375 1353K ACCEPT all — any any anywhere anywhereChain SYS_INPUT (1 references)
pkts bytes target prot opt in out source destination
785 74174 ACCEPT all — lo any anywhere anywhere
970 109K ACCEPT tcp — ETH00 any anywhere anywhere tcp dpts:12080:12083
75 3900 DROP tcp — any any anywhere anywhere tcp dpts:12080:12083
67 23448 ACCEPT udp — any any anywhere anywhere udp spt:domain state ESTABLISHED
6 483 ACCEPT tcp — any any anywhere anywhere tcp spt:http state ESTABLISHED
0 0 ACCEPT tcp — any any anywhere anywhere tcp spt:8245 state ESTABLISHED
252 19152 ACCEPT udp — any any anywhere anywhere udp spt:ntp state ESTABLISHED
5459 814K RETURN all — any any anywhere anywhereChain SYS_OUTPUT (1 references)
pkts bytes target prot opt in out source destination
803 75774 ACCEPT all — any lo anywhere anywhere
117 8543 ACCEPT udp — any any anywhere anywhere udp dpt:domain
5 405 ACCEPT tcp — any any anywhere anywhere tcp dpt:http
0 0 ACCEPT tcp — any any anywhere anywhere tcp dpt:8245
257 19532 ACCEPT udp — any any anywhere anywhere udp dpt:ntp
8729 2695K RETURN all — any any anywhere anywhereChain SYS_SSH (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all — lo any anywhere anywhere
0 0 ACCEPT all — any any 192.168.0.0/24 anywhere
0 0 ACCEPT all — any any 10.237.1.0/24 anywhere
361 24380 ACCEPT all — any any 192.168.1.0/24 anywhere
0 0 DROP all — any any anywhere anywhere
root@zeroshell root>
root@zeroshell root> iptables -t nat -L -v
Chain PREROUTING (policy ACCEPT 21384 packets, 2403K bytes)
pkts bytes target prot opt in out source destination
1258 136K CapPort all — any any anywhere anywhere
1633 86776 Proxy tcp — any any anywhere anywhere tcp dpt:http
0 0 DNAT tcp — ETH01 any anywhere anywhere tcp dpt:60001 to:192.168.1.222:80Chain POSTROUTING (policy ACCEPT 367 packets, 30327 bytes)
pkts bytes target prot opt in out source destination
23270 1931K SNATVS all — any any anywhere anywhere
21853 1817K MASQUERADE all — any BRIDGE00 anywhere anywhere
1050 84297 MASQUERADE all — any ETH01 anywhere anywhereChain OUTPUT (policy ACCEPT 6331 packets, 503K bytes)
pkts bytes target prot opt in out source destinationChain CapPort (1 references)
pkts bytes target prot opt in out source destination
133 6892 CapPortHTTP tcp — ETH00 any anywhere anywhere tcp dpt:http
78 4052 CapPortHTTPS tcp — ETH00 any anywhere anywhere tcp dpt:https
13 676 CapPortGW tcp — ETH00 any anywhere anywhere tcp dpt:12080
0 0 CapPortGW tcp — ETH00 any anywhere anywhere tcp dpt:12081Chain CapPortGW (2 references)
pkts bytes target prot opt in out source destination
13 676 REDIRECT tcp — any any anywhere anywhereChain CapPortHTTP (1 references)
pkts bytes target prot opt in out source destination
115 5956 CapPortProxy all — any any 192.168.1.11 anywhere MAC 00:17:A4:D2:18:9C
0 0 CapPortProxy tcp — any any anywhere 192.168.1.1 tcp dpt:http
4 208 REDIRECT tcp — any any anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 10/min burst 15 mode srcip-dstport redir ports 12080
0 0 DROP tcp — any any anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
0 0 REDIRECT tcp — any any anywhere anywhere redir ports 12080Chain CapPortHTTPS (1 references)
pkts bytes target prot opt in out source destination
76 3948 ACCEPT all — any any 192.168.1.11 anywhere MAC 00:17:A4:D2:18:9C
0 0 ACCEPT tcp — any any anywhere 192.168.1.1 tcp dpt:https
0 0 REDIRECT tcp — any any anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 10/min burst 15 mode srcip-dstport redir ports 12081
0 0 DROP tcp — any any anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
0 0 REDIRECT tcp — any any anywhere anywhere redir ports 12081Chain CapPortProxy (2 references)
pkts bytes target prot opt in out source destination
129 6684 Proxy tcp — any any anywhere anywhere tcp dpt:http
129 6684 ACCEPT all — any any anywhere anywhereChain Proxy (2 references)
pkts bytes target prot opt in out source destinationChain SNATVS (1 references)
pkts bytes target prot opt in out source destination
root@zeroshell root>April 10, 2010 at 2:26 pm #50080ppalias
MemberLooks like no packets ever reach the rule of the port forwarding. I hope you had tried some times to access the webcam on port 60001
The bridge interface what is bridging exactly? I hope you are not bridging ETH01 and the internal network… -
AuthorPosts
- You must be logged in to reply to this topic.