Two questions: 1) To the end of which table should I add the rule? 2) Describe the rule. What is the target, etc.? Can you give a sample iptables command? Thanks
-----Original Message-----
From: Dima Zbarski [mailto:[EMAIL PROTECTED]
Sent: Monday, September 22, 2003 16:09
To: [EMAIL PROTECTED]
Subject: Re: [Haifux] DMZ Variant

[EMAIL PROTECTED] wrote:

>Hi all!
>
>I have a Linux box with 2 network interfaces: external (connected to the
>Internet) and internal (connected to my LAN). The box acts as a firewall,
>I'm also doing NAT. I have several ports open on the box itself and have set
>up port forwarding to a few machines on the LAN. I want any connection from
>the Internet to the box that isn't caught by any rule (I use iptables) to be
>redirected to a pre-defined machine in the LAN.
>For example: I don't run a telnet server on the box and I don't forward port
>23 to the LAN. If someone connects to the box on port 23, I want the
>connection to be forwarded to a specific machine in the LAN.
>P.S. I don't want to specify each port I want to be forwarded, but rather
>forward all traffic at once.
>
>Any ideas are appreciated,
>Alex
>
>--------------------------------------------------------------------------
>Haifa Linux Club Mailing List (http://www.haifux.org)
>To unsub send an empty message to [EMAIL PROTECTED]
>
>

Well, that's not a problem at all. You just add a rule to forward any packet to a computer of your choice to the end of the table, so it will be the last rule. This way, if iptables didn't match any previous rule, the packet will be redirected. If it did match any previous rule, then it stops there.
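An added example, not part of the thread: one way to order the rules so the catch-all really is the last one consulted. The redirect is a DNAT rule in the `nat` table's PREROUTING chain, which is traversed before the `filter` table, so ports served by the firewall box itself need terminating rules earlier in that same chain. Interface names, addresses and ports are constructed, and the sketch assumes the existing ruleset already accepts ESTABLISHED,RELATED traffic in FORWARD.

```shell
#!/bin/sh
# Constructed sample values (assumptions, not taken from the thread).
EXT_IF="eth0"                # Internet-facing interface
INT_IF="eth1"                # LAN-facing interface
CATCHALL="192.168.1.50"      # LAN host that receives everything unmatched
LOCAL_TCP="22 80"            # TCP ports answered by the firewall box itself
FORWARDS="25:192.168.1.10 443:192.168.1.20"   # existing port:host forwards

# Print the iptables commands in the order they have to be appended.
dmz_rules() {
    # 1. Local services. ACCEPT in the nat table ends PREROUTING traversal
    #    without translating, so the packet continues to the box's own INPUT
    #    chain instead of falling through to the catch-all.
    for port in $LOCAL_TCP; do
        echo "iptables -t nat -A PREROUTING -i $EXT_IF -p tcp --dport $port -j ACCEPT"
    done

    # 2. Explicit port forwards. DNAT is also terminating, so these
    #    connections never reach the last rule either.
    for fwd in $FORWARDS; do
        port=${fwd%%:*}
        host=${fwd#*:}
        echo "iptables -t nat -A PREROUTING -i $EXT_IF -p tcp --dport $port -j DNAT --to-destination $host"
        echo "iptables -A FORWARD -i $EXT_IF -o $INT_IF -p tcp -d $host --dport $port -j ACCEPT"
    done

    # 3. Catch-all, appended last. No -p and no --dport, so every new
    #    connection from outside that reached this point (any protocol,
    #    ICMP included) is rewritten to the chosen LAN host. Only the first
    #    packet of a connection traverses the nat table, so replies to
    #    connections the LAN opened outward are not affected.
    echo "iptables -t nat -A PREROUTING -i $EXT_IF -j DNAT --to-destination $CATCHALL"
    # The filter table sees the rewritten destination and must let it through.
    echo "iptables -A FORWARD -i $EXT_IF -o $INT_IF -d $CATCHALL -j ACCEPT"
}

# Dry run: print the commands for review.
dmz_rules
```

To apply the rules, run `dmz_rules | sh` as root, then confirm the order with `iptables -t nat -L PREROUTING -n --line-numbers`; the DNAT rule without a port match should be the highest-numbered entry.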
