On Wed, 8 Apr 2009 09:13:40 +0200 Stephan Balmer <[email protected]> wrote:
> > So what I need now, is the setup for the IP Tables to get the > > traffic forwarded from eth0/eth1 to the servers in eth2 where I have > > > > eth0 -> smtp/imap -> 192.168.0.196 <mail.tamay-dogan.net> > > http -> 192.168.0.200 <www.tamay-dogan.net> > > (VServer) http:9999 -> 192.168.0.210 <www.debian.tamay-dogan.net> > > (VServer) > > > > eth2 -> smtp/imap -> 192.168.0.220 <mail.tdwave.net> > > http -> 192.168.0.221 <www.tdwave.net> > > (VServer) http:9999 -> 192.168.0.230 <www.debian.tamay-dogan.net> > > (VServer) pgsql -> 192.168.0.240 <pgsql.private.tamay-dogan.net> > > You want to have a look at the DNAT section in the iptables manual. > > And to get you up to speed, > > iptables -t nat -A PREROUTING \ > --destination <PUBIP> -m tcp --destination-port > <PUBPORT> \ --jump DNAT --to-destination <PRIVATEIP>:<PRIVATEPORT> > > seems to be what you need. That's right. Could look somewhat like that for port smtp/25 on eth2 -> 192.168.0.220:25 iptables -t nat -A PREROUTING \ -i eth2 -p tcp --dport 25 -j DNAT \ --to 192.168.0.220:25 And don't forget to accept the packet itself ;-) iptables -A INPUT -p tcp -m state --state NEW \ --dport 25 -i eth2 -j ACCEPT -- Freundliche Gruesse/Best Regards Benjamin Hackl IT/Administration Media FOCUS Research Ges.m.b.H. Maculangasse 8, 1220 Wien Tel.-Nr.: +43 1 258 97 01-295 [email protected] http://www.focusmr.com/ -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
