The symptom is that connections can apparently be made from the outside world to the desired port 163.1.147.42:8080, but as soon as data is sent, the connection is closed:
Code: Select all
mike@flotsam:~$ telnet spivey 8080
Trying 163.1.147.42...
Connected to spivey.oriel.ox.ac.uk.
Escape character is '^]'.
GET / HTTP/1.0
Connection closed by foreign host.
mike@flotsam:~$
Here are the rules I've written in /etc/ufw/before.rules:
Code: Select all
# NAT table rules
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Forward requests from port 8080 to new server
-A PREROUTING -i enp0s25 -d 163.1.147.42 -p tcp --dport 8080 -j DNAT --to-destination 192.168.13.112:80
# Forward traffic through upstream ethernet
-A POSTROUTING -s 192.168.13.0/24 -o enp0s25 -j MASQUERADE
# don't delete the 'COMMIT' line or these nat table rules won't
# be processed
COMMIT
What's wrong here?