> <@nanashi0x74:matrix.org> I'm still trying to understand iptables and nat and why my server doesn't answer on port 443 😅 Can someone help me who understands iptables and networking better? > I know that DNAT rules are getting applied and that the dnat destination is open, but when I try accessing 443 from outside it doesn't work this is my nat table, I see that the DNAT rules are getting applied ``` iptables -L -t nat -nv Chain PREROUTING (policy ACCEPT 102 packets, 5684 bytes) pkts bytes target prot opt in out source destination 58977 3450K nixos-nat-pre all -- * * 0.0.0.0/0 0.0.0.0/0 Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 4 packets, 240 bytes) pkts bytes target prot opt in out source destination 4746 235K nixos-nat-post all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 MASQUERADE all -- * eth0 10.100.0.0/24 0.0.0.0/0 46 17714 LOG all -- * eth0 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 Chain nixos-nat-post (1 references) pkts bytes target prot opt in out source destination 0 0 MASQUERADE all -- * eth0 0.0.0.0/0 0.0.0.0/0 mark match 0x1 Chain nixos-nat-pre (1 references) pkts bytes target prot opt in out source destination 6 320 LOG all -- eth0 * 0.0.0.0/0 51.15.10.88 LOG flags 0 level 6 prefix "nat: " 1 84 MARK all -- wg0 * 0.0.0.0/0 0.0.0.0/0 MARK set 0x1 45 2136 DNAT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:10.100.0.2:80 118 6764 DNAT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 to:10.100.0.2:443 509 30540 DNAT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8448 to:10.100.0.2:8448 ``` 10.100.0.2:443 is accessible: ``` nc 10.100.0.2 443 sfasf HTTP/1.1 400 Bad Request Server: nginx Date: Wed, 24 Jun 2020 10:23:30 GMT Content-Type: text/html Content-Length: 150 Connection: close 400 Bad Request

400 Bad Request


nginx
^C ``` but when I nc to the server ip locally I get nothing back: ``` nc 51.15.10.88 443 saf asf s af asf asf saf asf asf ```