LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page IP forwarding
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 02-19-2004, 08:41 AM   #1
lapthorn
Member
 
Registered: Jul 2003
Location: Reading
Distribution: Red Hat
Posts: 86

Rep: Reputation: 15
IP forwarding

Please help me, I have become confused with information overload. I want to forward all web traffic to my internal network.

I have a ADSL connection with a static address. I have created the DNS entries so that www.lapthorn.com points to this static address.

The router sends all network traffic to 192.168.0.100 which is my Linux gateway machine running just IPtables. This machine has 2 network cards in it, one that connects to the ADSL router, the other to a switch serving my local machines 10.0.0.0/24 network. I want to forward all network traffic to port 80 from my Gateway machine to Apache running on 10.0.0.100.

Can somebody help. I know this is real simple but can't get my head around it today
 
Old 02-19-2004, 03:49 PM   #2
mr13stu
LQ Newbie
 
Registered: Feb 2004
Posts: 2

Rep: Reputation: 0
The following lines should be in your your firewall startup script.

********************

#1
echo 1 > /proc/sys/net/ipv4/ip_forward

#2
iptables -t nat -A PREROUTING -p tcp -i eth0 -d 192.168.0.100 \
--dport 80 --sport 1024:65535 -j DNAT --to 10.0.0.100:80

#3
iptables -A FORWARD -p tcp -i eth0 -o eth1 -d 10.0.0.100 \
--dport 80 --sport 1024:65535 -m state --state NEW -j ACCEPT

#4
iptables -A FORWARD -t filter -i eth1 -m state \
--state NEW,ESTABLISHED,RELATED -j ACCEPT

#5
iptables -A FORWARD -t filter -i eth0 -m state \
--state ESTABLISHED,RELATED -j ACCEPT

**********************

A short version of how it works is as follows:

#1 enable ip forwarding
#2 nat 192.168.0.100:80 to 10.0.0.100:80
#3 accept the packet that is now headed for 10.0.0.100:80

#4/#5 general rules to allow all traffic out, but only established connections in

Hope this helps.

Good luck.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Mail Forwarding in postfix/maildrop/redhat (like yahoo mail forwarding) topcat Linux - Software 1 08-31-2007 12:10 PM
IPCHAINS port forwarding and IPTABLES port forwarding ediestajr Linux - Networking 26 01-14-2007 07:35 PM
Simple Port Forwarding Firewall - not forwarding MadTurki Linux - Security 14 04-09-2006 12:08 PM
IP Forwarding Dhax Linux - Networking 2 03-20-2004 10:13 AM
port forwarding and packet forwarding syrtsardo Linux - Newbie 2 07-03-2003 10:37 AM


All times are GMT -5. The time now is 02:33 PM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
 
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration