IPTABLES FORWARDING PROBLEMMy topology is as follows:inet----router 192.

1. IPTABLES FORWARDING PROBLEM
2.  
3. My topology is as follows:
4.  
5. inet----router 192.168.1.254-------wlan0 192.168.1.71 && eth0
6. 192.168.70.121------ip camera 192.168.70.140:80
7.  
8. Note:
9.  
10. (1) eth0 and wlan0 are on a PC running Ubuntu.
11.  
12. (2) Port 5555 on the router is forwarded to 80 on 192.168.1.71
13.  
14. (2) in sysctl I have set sysctl net.ipv4.ip_forward=1
15.  
16.  
17. Now what I need to do is to be able to access the IP camera from the inet.
18.  
19. So I have tried adding IPTables:
20.  
21. iptables -t nat -A PREROUTING -i wlan0 -d 192.168.1.71 -p tcp --dport
22. 5555 -j DNAT --to 192.168.70.140:80
23.  
24. Now this should allow me to access the camera by pointing a web
25. browser to the real world public ip on port 5555, however I get page
26. cannot be displayed.
27.  
28.  
29. I have verified that:
30.  
31. 1. That camera is accessable from the Ubuntu computer via web browser and ping
32. 2. tcptrack sees the incoming connections at wlan0 but nothing on eth0 so I think the problem is with the rule. Tcptrackoutput:
33. Client Server State Idle Speed
34. 118.92.xx.55:58674 192.168.1.71:80 RESET 1s 0 b/s
35. 118.92.xx.55:58673 192.168.1.71:80 RESET 1s 0 b/s
36. 118.92.xx.55:58676 192.168.1.71:80 RESET 1s 0 b/s
37.  
38. Not sure about "RESET" state? This bad?
39.  
40.  
41. Various people have suggsted I may need to modify conntrack and others
42. have suggested I may need a second rule.
43.  
44.  
45.  
46. Can anyone please help?