A FORWARD -i enp1s0 -j REJECT -reject-with icmp-port-unreachable A FORWARD -o enp1s0 -j REJECT -reject-with icmp-port-unreachable A FORWARD -d 10.42.0.0/24 -o enp1s0 -m state -state RELATED,ESTABLISHED -j ACCEPT A INPUT -i lxcbr0 -p udp -m udp -dport 67 -j ACCEPT A INPUT -i lxcbr0 -p tcp -m tcp -dport 67 -j ACCEPT A INPUT -i lxcbr0 -p udp -m udp -dport 53 -j ACCEPT A INPUT -i lxcbr0 -p tcp -m tcp -dport 53 -j ACCEPT A INPUT -i enp1s0 -p tcp -m tcp -dport 53 -j ACCEPT
A INPUT -i enp1s0 -p udp -m udp -dport 53 -j ACCEPT A INPUT -i enp1s0 -p tcp -m tcp -dport 67 -j ACCEPT A INPUT -i enp1s0 -p udp -m udp -dport 67 -j ACCEPT A POSTROUTING -o lxcbr0 -p udp -m udp -dport 68 -j CHECKSUM -checksum-fill Here's the output of iptables-save when the forwarding is working: $ sudo iptables-save I only have to run the first command in order for the forwarding to work again. What is really mystifying is that the rules appear to actually persist - when I examine the output of iptables-save, they are still present. The problem is, the forwarding stops working not only after rebooting the PC, but even after suspending/sleep. I then use iptables-persistent and # iptables-save > /etc/iptables/rules.v4 to keep these rules in subsequent boots. To achieve that, I run the following commands: $ sudo iptables -I FORWARD -o enp1s0 -d 10.42.0.66 -j ACCEPT I am trying to forward packets received by a PC on port 16080 to port 3389 to another PC connected to it via Ethernet, where enp1s0 is the Ethernet interface and 10.42.0.66 is the IP of the connected computer.
0 kommentar(er)
