Thanks for that, Andy. "man iptables" would be sensible if I had a Linux box with man installed on it, but we don't run Linux at all here; I will go nose around for man pages on the web. This isn't sarcastic, your help with the first part lifted a bit of the veil...
Evan

> On Wednesday 20 September 2006 13:12, Evan Brown wrote:
>
>> "/sbin/iptables -t nat -A PREROUTING -p tcp -i $GREEN_DEV -d 10.1.1.229
>> --dport 23 -j DNAT --to 192.168.77.2:23 "
>
> 1. -t nat => use the "nat" table
> 2. -A PREROUTING => Append to the chain "PREROUTING"
> 3. -p tcp => for the tcp protocol
> 4. -i $GREEN_DEV => the incoming interface is your green
>
> <I have no idea about the colours and such as I never use these appliances
> with green / red / orange etc>
>
> 5. -d 10.1.1.229 => destination is that IP address
> 6. --dport 23 => on the destination port of 23
> 7. -j DNAT => jump to the DNAT chain
> 8. --to 192.168.77.2:23 => send that here
>
> So basically ... incoming tcp traffic on the green thingymabobble, that is
> destined for 10.1.1.229:23 gets shipped to 192.168.77.2:23 before you get to
> the other chains (PREROUTING is first ... AFAICT).
>
>> "/sbin/iptables -A FORWARD -p tcp -i $ORANGE_DEV -d 192.168.77.2 --dport
>> 23 -j ACCEPT"
>
> And for this one ... I'll let you determine
>
> man iptables
>
> Andy

_______________________________________________
clug-talk mailing list
[email protected]
http://clug.ca/mailman/listinfo/clug-talk_clug.ca
Mailing List Guidelines (http://clug.ca/ml_guidelines.php)
**Please remove these lines when replying
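An added example, not part of the original messages: a small Python check that parses the two quoted rules and reports whether the FORWARD rule would match the packets the DNAT rule rewrites. The function names are hypothetical, and the interface comparison is on the unexpanded variable names, on the assumption that `$GREEN_DEV` and `$ORANGE_DEV` are different devices.

```python
import shlex

# The two rules quoted in the thread; $GREEN_DEV / $ORANGE_DEV stay unexpanded
# because their values are not given on the page.
RULES = [
    "/sbin/iptables -t nat -A PREROUTING -p tcp -i $GREEN_DEV -d 10.1.1.229 "
    "--dport 23 -j DNAT --to 192.168.77.2:23",
    "/sbin/iptables -A FORWARD -p tcp -i $ORANGE_DEV -d 192.168.77.2 "
    "--dport 23 -j ACCEPT",
]
# Only the options that appear in the thread (plus -o and --to-destination).
OPTS = {"-t": "table", "-A": "chain", "-p": "proto", "-i": "in_if",
        "-o": "out_if", "-d": "dst", "--dport": "dport", "-j": "target",
        "--to": "to", "--to-destination": "to"}

def parse_rule(line):
    """Parse one iptables command line into a dict of option values."""
    rule = {"table": "filter"}            # iptables uses "filter" without -t
    tokens = iter(shlex.split(line)[1:])  # skip the iptables binary itself
    for tok in tokens:
        if tok not in OPTS:
            raise ValueError(f"option not handled in this sketch: {tok}")
        rule[OPTS[tok]] = next(tokens)
    return rule

def forward_gaps(dnat, fwd):
    """Reasons why FORWARD rule `fwd` would not match packets rewritten by `dnat`."""
    ip, _, port = dnat["to"].partition(":")
    port = port or dnat.get("dport")      # no :port in --to keeps the old port
    gaps = []
    if (fwd["table"], fwd.get("chain"), fwd.get("target")) != ("filter", "FORWARD", "ACCEPT"):
        gaps.append("not an ACCEPT rule in filter/FORWARD")
    if fwd.get("proto") != dnat.get("proto"):
        gaps.append("protocol differs")
    if fwd.get("dst") != ip:              # exact match only, no CIDR handling
        gaps.append(f"-d {fwd.get('dst')} is not the post-DNAT address {ip}")
    if fwd.get("dport") != port:
        gaps.append(f"--dport {fwd.get('dport')} is not the post-DNAT port {port}")
    if "in_if" in fwd and fwd["in_if"] != dnat.get("in_if"):
        gaps.append(f"-i {fwd['in_if']} but DNATed packets arrive on {dnat.get('in_if')}")
    return gaps

if __name__ == "__main__":
    dnat, fwd = (parse_rule(r) for r in RULES)
    for gap in forward_gaps(dnat, fwd) or ["FORWARD rule covers the DNAT rule"]:
        print(gap)
```

The FORWARD chain sees packets after PREROUTING has rewritten the destination, and `-i` there still refers to the interface the packet arrived on, which is why the check compares the two `-i` values.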

