Old 01-04-2009, 11:20 PM   #1
cedricd
IPTables Help - Forwarding from one port to another


I am running Ubuntu 8.04, and I want it set up so that if any computer connects to the server on 10.20.117.x:445, it will be forwarded to 74.125.45.111:465 using <Server's IP>, which is a public interface.

Any thoughts/ideas?

Code:
iptables -t nat -A PREROUTING  -p tcp -d 10.20.117.x --destination-port 465 -j DNAT --to-destination 74.125.45.111:465
iptables -t nat -A POSTROUTING -p tcp --dst 74.125.45.111 --dport 465 -j SNAT --to-source <Server's IP>
iptables -A FORWARD -p tcp -d 74.125.45.111 --dport 465 -j ACCEPT
 
Old 01-05-2009, 07:52 AM   #2
blackhole54
With a couple of changes (highlighted in bold below) to your first rule, I think that should work, assuming that your routing table directs a destination of 74.125.45.111 out the interface you wish:

Code:
iptables -t nat -A PREROUTING  -p tcp -d 10.20.117.0/24 --destination-port 445 -j DNAT --to-destination 74.125.45.111:465
If you wish you can make your second rule more general where it will SNAT all LAN packets going out the public interface. In most cases this is what you would want:

Code:
LAN_IP=10.0.0.0/8
PUBLIC_IF=<public interface, e.g. eth1>
PUBLIC_IP=<Server's IP>

iptables -t nat -A POSTROUTING -s $LAN_IP -o $PUBLIC_IF -j SNAT --to-source $PUBLIC_IP
Adjust $LAN_IP, $PUBLIC_IF and $PUBLIC_IP as needed.

If you are unfamiliar with CIDR notation, you can read about it here. In a nutshell (quoting from the linked page):

Quote:
In CIDR notation, the number of 1's in the binary version of the mask are counted from the left, and that number is appended to the end of the base address following a slash (/). In the example here the subnet would be listed in CIDR notation as 192.168.1.0/24.
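
The forward discussed in this thread, written out as an added example that is not part of either poster's message: a dry-run shell script that prints the iptables commands for the 445 to 465 DNAT, the general SNAT and the FORWARD rules in both directions, and that rejects a non-CIDR match such as `10.20.117.x`. The address `203.0.113.10` (standing in for `<Server's IP>`), the function names, the `-s` source restriction, the `ip_forward` sysctl and the conntrack return rule (needed when the FORWARD policy is DROP) are assumptions, not from the thread.

```shell
#!/bin/sh
# Added example: prints (does not run) the rule set for the 445 -> 465 forward.
DEST=74.125.45.111:465   # DNAT target from the thread

# Succeeds only for a.b.c.d/n with octets 0-255 and prefix length 0-32.
valid_cidr() {
    case $1 in */*) ;; *) return 1 ;; esac
    addr=${1%/*} len=${1#*/}
    case $len in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|*[!0-9]*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

# emit_rules LISTEN_NET LAN_NET PUBLIC_IF PUBLIC_IP  (hypothetical helper)
emit_rules() {
    listen_net=$1 lan_net=$2 pub_if=$3 pub_ip=$4
    for net in "$listen_net" "$lan_net" "$pub_ip/32"; do
        valid_cidr "$net" || { echo "not a valid address/prefix: $net" >&2; return 1; }
    done
    # Interface names end up inside shell commands, so allow safe characters only.
    case $pub_if in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface name: $pub_if" >&2; return 1 ;;
    esac
    # Rule order: enable routing, DNAT the LAN clients, SNAT on the way out,
    # accept the new forwarded flow, accept its replies (assumes FORWARD policy DROP).
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -p tcp -s $lan_net -d $listen_net --dport 445 -j DNAT --to-destination $DEST
iptables -t nat -A POSTROUTING -s $lan_net -o $pub_if -j SNAT --to-source $pub_ip
iptables -A FORWARD -p tcp -s $lan_net -d ${DEST%:*} --dport ${DEST#*:} -o $pub_if -j ACCEPT
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Constructed sample values; eth1 is the example interface name used in the thread.
emit_rules 10.20.117.0/24 10.0.0.0/8 eth1 203.0.113.10
```

Review the printed commands before applying them as root; `iptables -t nat -L -n -v` then shows the packet counters on the DNAT and SNAT rules once a client connects.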
 
Old 01-05-2009, 11:07 PM   #3
cedricd
Thanks