forwarding packets to multiple computers for different ports
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: FC1, Gentoo, Mdk 8.1, RH7-8-9, Knoppix, Zuarus rom 3.13
Posts: 98
Rep:
Very interesting question. Sadly iptables is not capable of this. Iptables does not allow for variables, which is what you would need to have set with some conditional logic in the rule itself.
There are plenty of so-called iptables scripts that use variables but these variables are always interpreted by the shell (bash, sh, csh, etc) long before the rule is actually added to iptables, so all iptables ever sees of these variables is the resultant output not the variable itself. <--- Probably confusing. Sorry.
You could write a do loop script that would add THOUSANDS (65,535 to be exact) of individual rules to iptables to do just what you ask... but that would bring your firewall to a screeching halt since it would have to parse all that before allowing a packet.
Distribution: FC1, Gentoo, Mdk 8.1, RH7-8-9, Knoppix, Zuarus rom 3.13
Posts: 98
Rep:
Quote:
Originally posted by Matir I'm hoping there wasn't intent for THAT many ports. I interpreted the question as one of the syntax of iptables to make it portbased.
Hmm.. yeah know.. I don't know. I thought he meant any port when he said "and so on". I could very well be wrong. Course then again if he's saying 192.168.0.1, that being a class c block then the most he could hope for is forwarding from 192.168.0.2 through 254. Long way from all 65k ports eh? Still having 250ish rules would be heck on an even moderately used firewall.
Anyway I still stand by my point that iptables doesn't use variables only the results of variables.
Sorry if I introduced confusion with my confusion. :-)
Well.... couldn't it be the class B "192.168.0.0/16"? But yes, in either case, it would not be fun for a firewall. Though my firewall has about 100 rules without any noticable lag. Mostly in the FORWARD and INPUT chains. I guess the whole chain deal helps.
posted by bignerd...Hmm.. yeah know.. I don't know. I thought he meant any port when he said "and so on".
Quote:
Originally posted by Matir ...I'm hoping there wasn't intent for THAT many ports. I interpreted the question as one of the syntax of iptables to make it portbased.
will help for multiple different ports to forward packets to different LAN computers.
Here is my modified query.
Assuming the Static IP to be 194.160.1.1
Let the unique ports be 80,81,82
When some one requests at 194.160.1.1:80 It should forward packets to 192.168.0.1
When some one requests at 194.160.1.1:81 It should forward packets to 192.168.0.3
When some one requests at 194.160.1.1:82 It should forward packets to 192.168.0.4
and the list goes similar to the above.
If there are some iptable scripts available online then please guide me where to find a best one.OR any alternative solution for this problem
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.