Quote:
Originally Posted by keiai03
Wan access to Local? 121.x.x.x(public IP) the request must be forward to 10.x.x.x(local network).
|
Code:
iptables -t nat -A PREROUTING -i $WAN_IF -s 121.x.x.x -j DNAT --to-destination 10.x.x.x
Where WAN_IF is a variable that has been set to your WAN interface (such at eth0). You can just substitute that interface name for $WAN_IF in the above command if you wish.
The above command will forward
all ports. If, for example, you just wish to forward port 80/tcp, you would add the options
-p tcp --dport 80 . See the
iptables man page for more info. There are also howtos available. You may also wish to add rules to
netfilter's FORWARD chain for additional filtering.