Here,

iptables -I FORWARD -p tcp -d $destip --dport $destport -j ACCEPT
iptables -I FORWARD -p udp -d $destip --dport $destport -j ACCEPT
iptables -t nat -A PREROUTING -p tcp -i $interface --dport $fwport -j DNAT --to $destip:$destport
iptables -t nat -A PREROUTING -p udp -i $interface --dport $fwport -j DNAT --to $destip:$destport

The above script came with my firewall. Just put your info in the variables and it will work.

Thanks,
Jeff

> -----Original Message-----
> From: Pupeno [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, September 03, 2003 4:34 AM
> To: [EMAIL PROTECTED]
> Subject: [gentoo-user] destination nat (port forwarding)
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello Gentooers...
> I'm trying to do port forwarding in my box... which has a dynamic ip address
> and a local ip address of 10.0.0.1.
> I want to redirect, for example, the incoming telnet port to another ip at the
> local network, later I want to do the same with a range of ports (is that
> possible).
> I'm trying to do it with iptables destination nat, I created this rule
> Chain PREROUTING (policy ACCEPT 9177 packets, 1980K bytes)
>  pkts bytes target  prot opt in   out  source    destination
>     8   480 DNAT    tcp  --  any  any  anywhere  anywhere     tcp dpt:telnet to:10.0.0.4:23
>
> with this command "iptables -t nat -A PREROUTING -p tcp --dport 23 -j DNAT
> - --to 10.0.0.4:23"
> When I telnet to the routing box, I see that the counters for that rule are
> incremented, so, it seems to be working, but I was told that I'm missing a
> rule that NATs the packets back... but I'm not sure how to make that rule,
> can anyone help me ?
> Thanks
> - --
> Pupeno: [EMAIL PROTECTED]
> http://www.kde.org
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.2 (GNU/Linux)
>
> iD8DBQE/VbWlLr8z5XzmSDQRAjpzAJwKkSohD9AiC4fWNTMKmH2Ubt4FZQCfUkww
> kWSdPzD47NAghQdnl6DE59U=
> =qhd+
> -----END PGP SIGNATURE-----
>
>
> --
> [EMAIL PROTECTED] mailing list
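
Added example, not part of either message and not the script that shipped with Jeff's firewall: a shell helper that validates its inputs and prints the DNAT and FORWARD rules for the forward discussed in this thread, covering the port-range case and the return traffic that was asked about. The function names, the interface name eth0 and the 8000:8010 range are assumptions; the helper only prints commands and runs nothing.

```shell
#!/bin/sh
# Added example: prints iptables commands for a DNAT port forward; runs nothing.
# Forwarding also needs net.ipv4.ip_forward=1 on the routing box.

valid_port() {   # integer in 1..65535
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] 2>/dev/null && [ "$1" -le 65535 ] 2>/dev/null
}

valid_ipv4() (   # dotted quad, each octet 0..255
    set -f; IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    for o in "$@"; do
        case "$o" in ''|*[!0-9]*) exit 1 ;; esac
        [ "$o" -le 255 ] 2>/dev/null || exit 1
    done
)

# gen_forward IFACE PROTO EXTPORT[:EXTPORT_HI] DESTIP [DESTPORT]
gen_forward() (
    iface=$1 proto=$2 ext=$3 dip=$4
    die() { echo "gen_forward: $1" >&2; exit 1; }
    case "$iface" in ''|-*|*[!A-Za-z0-9._-]*) die "bad interface" ;; esac
    case "$proto" in tcp|udp) ;; *) die "bad protocol" ;; esac
    valid_ipv4 "$dip" || die "bad destination address"
    case "$ext" in *:*:*) die "bad port range" ;; esac
    lo=${ext%%:*} hi=${ext##*:}
    valid_port "$lo" && valid_port "$hi" && [ "$lo" -le "$hi" ] || die "bad port"
    if [ "$lo" -eq "$hi" ]; then
        dport=${5:-$lo}
        valid_port "$dport" || die "bad destination port"
        match=$lo fwd=$dport to=$dip:$dport
    else
        # Range: with no port in --to-destination the port is left unchanged.
        [ -z "${5:-}" ] || die "DESTPORT not allowed with a range"
        match=$lo:$hi fwd=$lo:$hi to=$dip
    fi
    # DNAT only what arrives on the outside interface, not every interface.
    echo "iptables -t nat -A PREROUTING -i $iface -p $proto --dport $match -j DNAT --to-destination $to"
    # FORWARD sees the already-translated address and port.
    echo "iptables -I FORWARD -i $iface -p $proto -d $dip --dport $fwd -m conntrack --ctstate NEW -j ACCEPT"
    # Replies are un-NATed by conntrack itself; they only need to be let through.
    echo "iptables -I FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
)

gen_forward eth0 tcp 23 10.0.0.4          # the telnet forward from the question
gen_forward eth0 tcp 8000:8010 10.0.0.4   # a port range (constructed values)
```

If the internal host does not route its replies back through the forwarding box, the replies bypass connection tracking and the forward appears to hang; that case needs source NAT on the forwarding box as well.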
