
I have tried to set up port forwarding from my Zentyal server (port 5000) to my Synology NAS (also port 5000). Here is the result in terms of iptables rules:

Chain fredirects (1 references)
target     prot opt source               destination         
faccept    tcp  --  0.0.0.0/0            10.0.0.8             state NEW tcp dpt:5000
faccept    udp  --  0.0.0.0/0            10.0.0.8             state NEW udp dpt:5000

Now, when I try this with telnet from another server hosted somewhere else on the internet, telnet can't contact my server. Any ideas? How may I do other tests?

user201680

1 Answer


I don't know Zentyal, but from my understanding you want to forward requests that come from Internet to your NAS on port 5000.

Regarding your rules, you don't seem to forward public_ip:5000 to private_ip:5000.

I would do something like this :

iptables -t nat -A PREROUTING -d your.public.ip.address -p tcp --dport 5000 -j DNAT --to your.synology.nas.ip:5000

# Instead of the rule above, you could also filter on traffic coming to your External (Wan) interface :
iptables -t nat -A PREROUTING -i wan0 -p tcp --dport 5000 -j DNAT --to your.synology.nas.ip:5000

# Finally allow traffic to your NAS :
iptables -A FORWARD -p tcp -d your.synology.nas.ip --dport 5000 -j ACCEPT

Also, I don't really know what Chain fredirects means in your case, but REDIRECT is a specific iptables target that redirects traffic to the host itself. In your case you don't want to redirect to the host itself but to your NAS.

krisFR
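
As an added example (not part of the question or the answer above): a small shell check that reads an `iptables-save` dump and reports whether a port forward has both parts the answer describes, the nat PREROUTING DNAT rule and a filter accept rule. The two dumps are constructed for illustration; 10.0.0.8 comes from the question, `wan0` from the answer, and the function names are hypothetical.

```shell
#!/bin/sh
# check_forward PORT NAS_IP: reads an iptables-save dump on stdin.
# Returns 0 only if a nat PREROUTING DNAT rule and a filter accept rule
# both exist for tcp/PORT to NAS_IP. Simplification: any filter chain
# counts; jumps from FORWARD into user chains are not traced.
check_forward() {
    awk -v port="$1" -v nas="$2" '
        /^\*/ { table = substr($0, 2); next }   # table header: *nat, *filter
        !/^-A / || !/-p tcp/ { next }
        { line = $0 " "; dport = ($0 ~ ("--dport " port "( |$)")) }
        table == "nat" && /^-A PREROUTING / && /-j DNAT/ && dport &&
            index(line, "--to-destination " nas ":" port " ") { dnat = 1 }
        table == "filter" && /-j (ACCEPT|faccept)( |$)/ && dport &&
            index(line, "-d " nas "/32 ") { accept = 1 }
        END {
            if (!dnat)   print "missing: nat PREROUTING DNAT to " nas ":" port
            if (!accept) print "missing: filter accept for " nas " tcp/" port
            exit !(dnat && accept)
        }'
}

# Constructed dump modelled on the question: filter rule only, no DNAT.
question_rules() { cat <<'EOF'
*nat
COMMIT
*filter
-A fredirects -d 10.0.0.8/32 -p tcp -m state --state NEW -m tcp --dport 5000 -j faccept
COMMIT
EOF
}

# Constructed dump after applying the rules from the answer.
answer_rules() { cat <<'EOF'
*nat
-A PREROUTING -i wan0 -p tcp -m tcp --dport 5000 -j DNAT --to-destination 10.0.0.8:5000
COMMIT
*filter
-A FORWARD -d 10.0.0.8/32 -p tcp -m tcp --dport 5000 -j ACCEPT
COMMIT
EOF
}

question_rules | check_forward 5000 10.0.0.8 || echo "question ruleset: forward incomplete"
answer_rules | check_forward 5000 10.0.0.8 && echo "answer ruleset: forward complete"
```

On a live gateway the same check runs as `iptables-save | check_forward 5000 10.0.0.8` (as root).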