NAT Port Forwarding

[wondaah]

Hi, I just rented a Server from Hetzner and I'm trying to setup a Minecraft Server inside an LXC Container, I configured it to use a private IP Address because I of course have only one public IP.

This is my /etc/network/interfaces Config
source /etc/network/interfaces.d/* auto lo iface lo inet loopback iface lo inet6 loopback auto enp0s31f6 iface enp0s31f6 inet static address (Public IP)/26 gateway (Public GW) up route add -net (Public Network) netmask 255.255.255.192 gw (Public GW) dev enp0s31f6 # route (Route Prefix) via (GW) iface enp0s31f6 inet6 static address (Public IPv6) gateway (Public v6 GW) auto vmbr0 #private sub network iface vmbr0 inet static address 192.168.50.1/24 bridge-ports none bridge-stp off bridge-fd 0 post-up echo 1 > /proc/sys/net/ipv4/ip_forward post-up iptables -t nat -A POSTROUTING -s '192.168.50.0/24' -o enp0s31f6 -j MASQUERADE post-down iptables -t nat -D POSTROUTING -s '192.168.50.0/24' -o enp0s31f6 -j MASQUERADE #Conntrack post-up iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1 post-down iptables -t raw -D PREROUTING -i fwbr+ -j CT --zone 1 #Minecraft post-up iptables -t nat -A PREROUTING -i enp0s31f6 -p tcp --dport 25565 -j DNAT --to 192.168.50.50:25565 post-down iptables -t nat -D PREROUTING -i enp0s31f6 -p tcp --dport 25565 -j DNAT --to 192.168.50.50:25565

The Private IP of the Minecraft Server LXC is 192.168.50.50

I pretty much tried everything but I cannot connect to the Server or telnet into it, from the outside nmap says the port is closed, if I nmap from the host to the guest its open of course, all firewalls are disabled.

The LXC has Internet access without problems.

Please help me I'm really lost.

 

[shrdlicka]

Can you post the output of iptables-save here?

 

[wondaah]

Can you post the output of iptables-save here?

I fixed it, my interface was not up and not added into the bridge correctly.