IP-forward not working, how do i debug it?

Discussion in 'Mac OS X Server, Xserve, and Networking' started by Sindrers, Jan 20, 2010.

  1. Sindrers macrumors newbie

    Mar 13, 2009
    My NAT portforward service to run a MAMP webserver:

    Network setup:

    I have setup a local static ipadress for my machine which is running a MAMP webserver. Which means i always get the following IP-adress
    MAMP works on but not on the portforward ipadress

    ISP ( provides us with 5 static ips. )

    The ISP is running a bridge mode from theire router too our Xserve.
    Our xserve(mac os x server 10.6.2) then runs a DHCP service giving users a local IP adress aswell as internet connection.
    Then we have the firewall which is basicly set to allow all traffic.
    I have also tried to set advanced rules to specify it completly without any luck.

    This is the plist file i have generated:
    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">

    I have tried to looking in different logs without any luck at all. Can anyone please push me in the right direction on how to debug this?
    My /var/log/alias.log says the following over and over with different udp, tcp, sock and tot.

    icmp=0, udp=48, tcp=61 pptp=0, proto=0, frag_id=0 / tot=106 (sock1)

    I have also checked "sudo ipfw list" and both port 8888 and 80 is openend from any to any.
  2. belvdr macrumors 603

    Aug 15, 2005
    No longer logging into MR
    I know nothing about setting this up in OS X Server. Looking at the above, I assume the target* lines are the real IPs on the inside and the alias* lines are for the NATed address on the outside.

    If the inside server can be browsed on 8888, then the targetPortRange should be 8888, not 80 (since targetIP is the internal address).

    Then if you want to browse http://77.XXX.XXX.220, then change the aliasPortRange to 80. If you want to browse http://77.XXX.XXX.220:8888, then leave aliasPortRange as 8888.

Share This Page