Проблема с dstnat
Добавлено: 20 апр 2012, 10:46
Здраствуйте пробую сделать редирект через dstnat
telnet 192.168.0.4 81
Trying 192.168.0.4...
вот такой ответ получаю
chain=dstnat action=dst-nat to-addresses=192.168.0.1 to-ports=80 protocol=tcp dst-address=192.168.0.4 dst-port=81
[admin@localix] /ip firewall> nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat action=masquerade src-address-list=langw
1 X chain=dstnat action=dst-nat to-addresses=172.16.16.1 to-ports=80 protocol=tcp dst-address=192.168.0.1 dst-port=80
2 X chain=dstnat action=dst-nat to-addresses=172.16.16.3 to-ports=3339 protocol=tcp dst-address=95.182.109.235
3 chain=srcnat action=masquerade src-address-list=ulgw
4 chain=dstnat action=dst-nat to-addresses=192.168.0.1 to-ports=80 protocol=tcp dst-address=192.168.0.4 dst-port=81
[admin@localix] /ip firewall> filter print
Flags: X - disabled, I - invalid, D - dynamic
0 X chain=input action=accept protocol=tcp dst-port=80
[admin@localix] /ip firewall> mangle print
Flags: X - disabled, I - invalid, D - dynamic
0 X chain=postrouting action=add-dst-to-address-list protocol=tcp src-address=172.16.16.3 dst-address=95.182.109.235 src-address-list=ulgw address-list=ulgw address-list-timeout=0s
1 chain=prerouting action=mark-routing new-routing-mark=mark-to-isp2 passthrough=yes src-address-list=ulgw
2 chain=prerouting action=mark-routing new-routing-mark=mark-to-isp1 passthrough=yes src-address-list=langw
3 chain=forward action=mark-connection new-connection-mark=to-isp1c passthrough=yes dst-address=!95.182.109.235 src-address-list=langw in-interface=LAN
4 chain=forward action=mark-connection new-connection-mark=to-isp2c passthrough=yes dst-address=192.168.0.4 src-address-list=ulgw in-interface=LAN
telnet 192.168.0.4 81
Trying 192.168.0.4...
вот такой ответ получаю
chain=dstnat action=dst-nat to-addresses=192.168.0.1 to-ports=80 protocol=tcp dst-address=192.168.0.4 dst-port=81
[admin@localix] /ip firewall> nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat action=masquerade src-address-list=langw
1 X chain=dstnat action=dst-nat to-addresses=172.16.16.1 to-ports=80 protocol=tcp dst-address=192.168.0.1 dst-port=80
2 X chain=dstnat action=dst-nat to-addresses=172.16.16.3 to-ports=3339 protocol=tcp dst-address=95.182.109.235
3 chain=srcnat action=masquerade src-address-list=ulgw
4 chain=dstnat action=dst-nat to-addresses=192.168.0.1 to-ports=80 protocol=tcp dst-address=192.168.0.4 dst-port=81
[admin@localix] /ip firewall> filter print
Flags: X - disabled, I - invalid, D - dynamic
0 X chain=input action=accept protocol=tcp dst-port=80
[admin@localix] /ip firewall> mangle print
Flags: X - disabled, I - invalid, D - dynamic
0 X chain=postrouting action=add-dst-to-address-list protocol=tcp src-address=172.16.16.3 dst-address=95.182.109.235 src-address-list=ulgw address-list=ulgw address-list-timeout=0s
1 chain=prerouting action=mark-routing new-routing-mark=mark-to-isp2 passthrough=yes src-address-list=ulgw
2 chain=prerouting action=mark-routing new-routing-mark=mark-to-isp1 passthrough=yes src-address-list=langw
3 chain=forward action=mark-connection new-connection-mark=to-isp1c passthrough=yes dst-address=!95.182.109.235 src-address-list=langw in-interface=LAN
4 chain=forward action=mark-connection new-connection-mark=to-isp2c passthrough=yes dst-address=192.168.0.4 src-address-list=ulgw in-interface=LAN