iptables nat port forwarding rule set
I have been trying to do a port forward, but I am new to iptables.
I have two ethernet ports: eth0 WAN, and eth1 LAN. I want anything which hits eth0 dport 2222 to be forwarded out eth1 to 192.168.1.5:8000.

Do I need to do a FORWARD, PREROUTE and POSTROUTE rule? Or can I just do a PREROUTE?

I tried this with no luck:
Code:
sudo iptables -A FORWARD -i eth0 -p tcp --dport 2222 -j ACCEPT
sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 2222 -j DNAT --to-destination 192.168.1.5:8000

Do I need the:
Code:
sudo iptables -A FORWARD -i eth0 -p tcp --dport 2222 -j ACCEPT
or will PREROUTE work without it? Do I need to FORWARD if I already have a routing table set up?
for an example:
Code:
PORT=443
Nat forward port 29070
Hello, the NAT and the forward worked on my Debian server up to the reboot of the machines.

The following rules:
Code:
/sbin/iptables -t nat -A PREROUTING -p tcp -i eth2 -d xxx.xxx.xxx.xxx --dport 29070 -j DNAT --to-destination 10.0.1.7:29070
/sbin/iptables -A FORWARD -p tcp -i eth2 -o eth0 -d 10.0.1.7 --dport 29070 --sport 1024:65535 -m state --state NEW -j ACCEPT

Since the reboot, that doesn't work any more. I have other rules towards one of the other servers, and those work:
Code:
/sbin/iptables -t nat -A PREROUTING -p tcp -i eth2 -d xxx.xxx.xxx.xxx --dport 29082 -j DNAT --to-destination 10.0.1.8:29082
/sbin/iptables -A FORWARD -p tcp -i eth2 -o eth0 -d 10.0.1.8 --dport 29082 --sport 1024:65535 -m state --state NEW -j ACCEPT

Thank you for your help.