Naresh on Sun, 9 Mar 2003 23:11:09 -0500



[PLUG] Iptables/Port Forwarding


Group:

I have 2 computers. 1 of them, the gateway, has 2 NICs (eth0 && eth1), and
my other masqued client wants to be my webserver (port 80). I have my
simple masq rules set like this. The client can ping the outside world,
but when I do http://staticAddress:8888, I get an error.

----------------------------------------------------------------

IPTABLES=/sbin/iptables
EXTIF="eth1"
INTIF="eth0"
echo "1" > /proc/sys/net/ipv4/ip_forward

#CLEAR THE RULES
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -t nat -F

$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
$IPTABLES -A FORWARD -j LOG

$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

#THE MAIN FORWARDING

$IPTABLES -t nat -A PREROUTING -p tcp -i eth1 -d 66.71.91.54 --dport 8888 -j DNAT --to 192.168.0.2:80

$IPTABLES -A FORWARD -p tcp -i eth0 -d 192.168.0.2 --dport 80 -j ACCEPT


Thanks,
Naresh
_________________________________________________________________________
Philadelphia Linux Users Group        --       http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion  --   http://lists.netisland.net/mailman/listinfo/plug
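
A model of the FORWARD chain in the script above, added here as an example and not part of the original post: it walks a packet, as it looks after the PREROUTING DNAT rule has rewritten the destination to 192.168.0.2:80, through the posted rules and through a variant whose last rule matches `-i eth1`. The rule-table format and the function names are constructed for this illustration; no iptables command is run.

```shell
#!/bin/sh
# Constructed rule table, one FORWARD rule per line, in script order:
#   in-iface out-iface dst dport states target     ('*' matches anything)
posted_rules() { cat <<'EOF'
eth1 eth0 * * ESTABLISHED,RELATED ACCEPT
eth0 eth1 * * * ACCEPT
* * * * * LOG
eth0 * 192.168.0.2 80 * ACCEPT
EOF
}

# Same table, but the last rule matches the external interface (eth1),
# which is where a DNATed connection from outside actually arrives.
adjusted_rules() { posted_rules | sed '$s/^eth0 /eth1 /'; }

# A rule field matches when it is '*' or equals the packet's value.
match() { [ "$1" = "*" ] || [ "$1" = "$2" ]; }

# A rule's state list matches when it is '*' or contains the packet's state.
state_ok() {
    [ "$1" = "*" ] && return 0
    case ",$1," in *",$2,"*) return 0 ;; esac
    return 1
}

# forward_verdict IN OUT DST DPORT STATE   (rule table on stdin)
# Prints the verdict of the first terminating rule that matches.
forward_verdict() {
    p_in=$1 p_out=$2 p_dst=$3 p_dport=$4 p_state=$5
    while read -r r_in r_out r_dst r_dport r_states r_target; do
        match "$r_in" "$p_in"       || continue
        match "$r_out" "$p_out"     || continue
        match "$r_dst" "$p_dst"     || continue
        match "$r_dport" "$p_dport" || continue
        state_ok "$r_states" "$p_state" || continue
        # LOG is non-terminating: the packet is logged and traversal goes on.
        if [ "$r_target" = LOG ]; then continue; fi
        echo "$r_target"
        return 0
    done
    echo DROP    # chain policy set by: -P FORWARD DROP
}

# First packet (state NEW) of an outside connection, after DNAT:
# in on eth1, routed out eth0, destination 192.168.0.2 port 80.
echo "posted rules:   $(posted_rules   | forward_verdict eth1 eth0 192.168.0.2 80 NEW)"
echo "adjusted rules: $(adjusted_rules | forward_verdict eth1 eth0 192.168.0.2 80 NEW)"
```

On the real gateway, the `-j LOG` rule in the posted script writes the dropped SYN to the kernel log, and `iptables -L FORWARD -v -n` shows which rule counters increase.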