Using iptables to foward vnc

Christopher K. Johnson ckjohnson at
Thu Sep 16 12:41:34 UTC 2004

Brad Smith wrote:

>The packets hit PREROUTING and FORWARD, but not INPUT or OUTPUT, as expected.
>All chains on the gateway ACCEPT by default
>The firewall on the client and vnc server is down 
With iptables forwarded packets would not hit the INPUT or OUTPUT 
chains.  That was only true of ipchains.

Given Kenneth's observation about interfaces I would double-check the 
address in the nat rule, and I would verify that the interface 
connecting to the vnc server is correctly addressed and masked to 
include that address.  My guess is that one of those is wrong and the gw 
is trying to deliver the nat'd packets via its default gateway.


   "Spend less!  Do more!  Go Open Source..." --
   Chris Johnson, RHCE #807000448202021

More information about the users mailing list