Good evening,
So, before any explanation of the problem, here is the layout of my network.
[codebox]~ # iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp dpt:webcache
DROP tcp -- anywhere anywhere tcp dpt:www
DROP tcp -- anywhere anywhere tcp dpt:https
DROP tcp -- anywhere anywhere tcp dpt:telnet
DROP tcp -- anywhere anywhere tcp dpt:69
DROP tcp -- anywhere anywhere tcp dpt:ssh
DROP tcp -- anywhere anywhere tcp dpt:ssh
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
logdrop all -- anywhere anywhere state INVALID
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN tcpmss match 1461:65535 TCPMSS set 1460
lan2wan all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere Wenbox udp dpt:5070
ACCEPT udp -- anywhere Wenbox udp dpt:10000
ACCEPT udp -- anywhere Wenbox udp dpt:10001
ACCEPT tcp -- anywhere 192.168.1.100 tcp dpt:14463
ACCEPT udp -- anywhere 192.168.1.100 udp dpt:14463
ACCEPT tcp -- anywhere 192.168.1.100 tcp dpt:10461
ACCEPT udp -- anywhere 192.168.1.100 udp dpt:10490
ACCEPT tcp -- anywhere 192.168.1.100 tcp dpt:www
ACCEPT tcp -- anywhere 192.168.1.100 tcp dpt:40000
ACCEPT tcp -- anywhere 192.168.1.100 tcp dpt:ssh
TRIGGER all -- anywhere anywhere TRIGGER type:in match:0 relate:0
trigger_out all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state NEW
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain advgrp_1 (0 references)
target prot opt source destination
Chain advgrp_10 (0 references)
target prot opt source destination
Chain advgrp_2 (0 references)
target prot opt source destination
Chain advgrp_3 (0 references)
target prot opt source destination
Chain advgrp_4 (0 references)
target prot opt source destination
Chain advgrp_5 (0 references)
target prot opt source destination
Chain advgrp_6 (0 references)
target prot opt source destination
Chain advgrp_7 (0 references)
target prot opt source destination
Chain advgrp_8 (0 references)
target prot opt source destination
Chain advgrp_9 (0 references)
target prot opt source destination
Chain grp_1 (0 references)
target prot opt source destination
Chain grp_10 (0 references)
target prot opt source destination
Chain grp_2 (0 references)
target prot opt source destination
Chain grp_3 (0 references)
target prot opt source destination
Chain grp_4 (0 references)
target prot opt source destination
Chain grp_5 (0 references)
target prot opt source destination
Chain grp_6 (0 references)
target prot opt source destination
Chain grp_7 (0 references)
target prot opt source destination
Chain grp_8 (0 references)
target prot opt source destination
Chain grp_9 (0 references)
target prot opt source destination
Chain lan2wan (1 references)
target prot opt source destination
Chain logaccept (0 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain logdrop (1 references)
target prot opt source destination
DROP all -- anywhere anywhere
Chain logreject (0 references)
target prot opt source destination
REJECT tcp -- anywhere anywhere tcp reject-with tcp-reset
Chain trigger_out (1 references)
target prot opt source destination
~ #
~ #
~ #
~ #
~ # iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DNAT icmp -- anywhere 192.168.2.2 to:192.168.1.1
DNAT udp -- anywhere 192.168.2.2 udp dpt:5070 to:192.168.1.2:5070
DNAT udp -- anywhere 192.168.2.2 udp dpt:10000 to:192.168.1.2:10000
DNAT udp -- anywhere 192.168.2.2 udp dpt:10001 to:192.168.1.2:10001
DNAT tcp -- anywhere 192.168.2.2 tcp dpt:14463 to:192.168.1.100:14463
DNAT udp -- anywhere 192.168.2.2 udp dpt:14463 to:192.168.1.100:14463
DNAT tcp -- anywhere 192.168.2.2 tcp dpt:10461 to:192.168.1.100:10461
DNAT udp -- anywhere 192.168.2.2 udp dpt:10490 to:192.168.1.100:10490
DNAT tcp -- anywhere 192.168.2.2 tcp dpt:webcache to:192.168.1.100:80
DNAT tcp -- anywhere 192.168.2.2 tcp dpt:40000 to:192.168.1.100:40000
DNAT tcp -- anywhere 192.168.2.2 tcp dpt:2222 to:192.168.1.100:22
TRIGGER all -- anywhere 192.168.2.2 TRIGGER type:dnat match:0 relate:0
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- anywhere anywhere
RETURN all -- anywhere anywhere PKTTYPE = broadcast
MASQUERADE all -- 192.168.1.0/24 192.168.1.0/24
Chain OUTPUT (policy ACCEPT)
target prot opt source destination[/codebox]