[wellylug] Port Forwading
Sam
sam at plaz.net.nz
Tue Jan 27 10:07:05 NZDT 2004
On Tue, Jan 27, 2004 at 09:40:37AM +1300, Jamie Dobbs wrote:
> I have set up a Linux box to act as a router between two networks here at
> work.
> eth0 has IP 155.190.50.52 with a netmask of 255.255.255.0
> eth1 has IP 203.110.12.230 with netmask 255.255.255.240
>
> I want to route any traffic on port 5900 from equipment on eth0 to a
> machine with IP 203.110.12.225 on eth1.
>
> I have tried the following iptables entries (without success)
>
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5900 -j DNAT
> --to-destination 203.110.12.225:5900
>
> iptables -t filter -A FORWARD -i eth0 -p tcp --dport 5900 -s 0/0 -d
> 203.110.12.225 -j ACCEPT
If you don't already have one, you need a forward rule allowing traffic
to pass back from 203.110.12.225 to 0/0
You'll also need an SNAT or MASQUERADE rule to rewrite source addresses
on returning packets from 203.110.12.225:5900 to 155.190.50.52
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.wellylug.org.nz/pipermail/wellylug/attachments/20040127/ab0d6164/attachment.pgp
More information about the wellylug
mailing list