LeRoy Cressy on Wed, 21 Nov 2001 19:00:15 +0100



Re: [PLUG] IPTables question


This is what I have in one of my scripts:

iptables -t nat -A POSTROUTING -o eth2 -p tcp -s 64.194.227.197 --dport 80 -j SNAT --to 192.168.10.1

One of the items that you might change is -s address to -i ppp0 which
would make it look at every packet coming into ppp0 instead of a source
address.  Only those packets which have port 80 in the header will jump
to SNAT while any other packet will be dropped.


ian reinhart geiser wrote:
> 
> Greetings
>         I have IP tables on my firewall and for some reason this line no longer
> works for forwarding:
> # Completed on Tue Oct 23 15:25:00 2001
> # Generated by iptables-save v1.2.1 on Tue Oct 23 15:25:00 2001
> *nat
> :PREROUTING ACCEPT [10265:885059]
> :POSTROUTING ACCEPT [105:6064]
> :OUTPUT ACCEPT [2488:176481]
> -A PREROUTING -d 64.80.72.142 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.5.100:80
> -A POSTROUTING -o ppp0 -j MASQUERADE
> 
> What I want it to do is redirect all traffic to port 80 on my firewall
> interface to my webserver internal.  Ideally I want all traffic that goes to
> the port 80 of my WAN interface to be redirected to the webserver... but I
> think the problem is the IP of the WAN interface changes every time I dial
> up...
> 
> hints?
> 
> thanks
> -ian reinhart geiser
> 
> --
> :-- Ian Reinhart Geiser --:
> GPG Key: D6A6 7E16 13A9 B5A7 9E18 D1A7 3F2E B64D 19BC 76F8
> ===========================================================
> Nobody said computers were going to be polite.
> ===========================================================
> 
> ______________________________________________________________________
> Philadelphia Linux Users Group       -      http://www.phillylinux.org
> Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
> General Discussion  -  http://lists.phillylinux.org/mail/listinfo/plug

-- 
Rev. LeRoy D. Cressy   mailto:lcressy@telocity.com   /\_/\
                       http://www.netaxs.com/~ldc   ( o.o )
                       Phone:  215-535-4037          > ^ <

Jesus saith unto him, I am the way, the truth, and the life: 
no man cometh unto the Father, but by me. (John 14:6)
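
Added example, not part of either message above: a small shell generator for the nat table in iptables-restore format, where the port-80 DNAT rule matches on the inbound interface (-i ppp0) rather than on a destination address, so it stays valid when the dial-up address changes. The function names and the script name portfwd.sh are hypothetical; the interface, server address and port are the ones quoted in the thread.

```shell
#!/bin/sh
# Added example (not from the thread): emit an iptables-restore "nat" table.
# valid_iface, valid_port, valid_ipv4 and gen_forward_rules are hypothetical
# helper names; arguments are validated before being placed into a rule.

valid_iface() {   # reject empty, leading "-", unexpected characters, >15 chars
    case "$1" in ''|-*|*[!A-Za-z0-9_.-]*) return 1 ;; esac
    [ "${#1}" -le 15 ]
}

valid_port() {    # decimal 1-65535, no leading zero
    case "$1" in ''|0*|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {    # four dot-separated decimal octets, each 0-255
    case "$1" in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

gen_forward_rules() {   # usage: gen_forward_rules WAN_IF SERVER_IP PORT
    wan_if=$1; server_ip=$2; port=$3
    valid_iface "$wan_if"   || { echo "bad interface: $wan_if" >&2; return 2; }
    valid_ipv4 "$server_ip" || { echo "bad address: $server_ip" >&2; return 2; }
    valid_port "$port"      || { echo "bad port: $port" >&2; return 2; }
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i ${wan_if} -p tcp -m tcp --dport ${port} -j DNAT --to-destination ${server_ip}:${port}
-A POSTROUTING -o ${wan_if} -j MASQUERADE
COMMIT
EOF
}

# Print the rules when called with three arguments, e.g.
#   sh portfwd.sh ppp0 10.0.5.100 80 | iptables-restore --test
if [ "$#" -eq 3 ]; then gen_forward_rules "$@"; fi
```

DNAT only rewrites the destination; the FORWARD chain in the filter table still has to accept traffic to 10.0.5.100 port 80 for the connection to reach the web server.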

