Hello folks.
I'm trying to build a firewall using Debian 10.1. I got several interfaces (many of them VLANS).
Now I'm trying to allow http access from internet to my internal web server. But I'm not able to do this.
This is the rules I have been trying to add using iptables:
iptables -A FORWARD -p tcp -d 192.168.2.22 --dport 80 -j ACCEPT
iptables -A FORWARD -p tcp -s 192.168.2.22 --sport 80 -j ACCEPT
iptables -A PREROUTING -t nat -p tcp -d 1.2.3.4 --dport 80 -j DNAT --destination 192.168.2.22:80
And here it fails with:
iptables v1.8.2 (fn_tables): unknown option "DNAT"
I have searched internet to try to find a solution, but nothing came up. I got a lot of examples of how to do this, and all are using -j DNAT
What is wrong? Please help...