Iptables some command miss ?

Discussion in 'DD-WRT Firmware' started by tazthe, May 16, 2005.

  1. tazthe

    tazthe Network Guru Member


    I was just trying to make an iptables rules to forward wan 222 port to a lan server which is listen on port 22.

    So i try this :
    iptables -I FORWARD 8 -p tcp --dport 222 --to-destination
    -j logaccept
    but shelle return :
    Unknown arg `--to-destination'

    Then if i try this

    iptables -I FORWARD 8 -p tcp --dport 222 -d
    -j logaccept

    it return : host/network `' not found

    So is this parameters are not implemented on the dd-wrt iptables version ?

    Is there another solution to do this ?

  2. scatman

    scatman Network Guru Member

    iptables are in full flavor in dd-wrt. Right solution would be:

    iptables -t nat -I PREROUTING -p tcp --dport 222 -j DNAT --to-destination
    iptables -t filter -I FORWARD -p tcp --dport 22 -j ACCEPT

    --to-destination flag can only be used in PREROUTING chain to change destination address of a packet. And the packet has to go through nat table in order to do that.
    Be aware to place the rules well before any common DROP rules that might drop your packet before reaching your rules.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice