Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 08-03-2010, 12:46 PM   #1
LQ Newbie
Registered: Aug 2010
Posts: 9

Rep: Reputation: 0
IPTables port forwarding to routed IP


I have a linux server I'm intending to use as a firewall.
The server has the following adapters
eth0 - Public IP (VLAN2)
eth0:1 - Public IP2 (VLAN2)
eth1 - (VLAN4)

the Default gateway is my ISPs gateway.
Additionally, I have the following route set:
route add -net netmask gw

I have a server that exists on VLAN 208 at IP, its GW is (first IP in /21 range)

as it is on the network, traffic from the firewall is successfully routed from that server through my router to the FW and out to the Internet. The FW can ping, ssh, etc... the server and vice versa.

I want an iptables rule that will allow me to forward port 4401 on eth0:1 to

Is this possible since the IP is not on the same subnet as eth1, even though it is accessible?

I am very new to iptables, though I'm a bit better than a neophyte linux user. I have not made port forwards with it in the past without scripts to assist so I'm looking for not just "it is possible", but also the syntax of how to add it.

Thanks in advance.

Last edited by hobbes80; 08-03-2010 at 12:47 PM.
Old 08-03-2010, 03:57 PM   #2
Registered: Nov 2003
Location: Belgium
Distribution: Slackware
Posts: 182

Rep: Reputation: 25
IP2= ip address of eth0:1
iptables -t nat -A PREROUTING -d ${IP2} --protocol tcp --dport 4401 -j DNAT --to-destination

when the packet arrive with the destination address IP2 it will change the destination address to the one you specify at the end, then the normal routing will apply and the packet will end at the right place

make sure that there is a 1 in /proc/sys/net/ipv4/ip_forward
Old 08-03-2010, 07:51 PM   #3
LQ Newbie
Registered: Aug 2010
Posts: 9

Original Poster
Rep: Reputation: 0
Thank you, this resolved my issue.


firewall, iptables, nat

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Iptables - port forwarding to blocked port? spangberg Linux - Networking 2 03-26-2010 04:48 AM
IPCHAINS port forwarding and IPTABLES port forwarding ediestajr Linux - Networking 26 01-14-2007 07:35 PM
IpTables forwarding port 25 danrfxz Linux - Networking 1 11-27-2006 12:05 PM
IPTABLES #Port Forwarding goldenmag Linux - Security 4 11-21-2003 07:10 AM
Iptables w/port forwarding claytonj25 Linux - Security 8 12-22-2001 08:30 AM

All times are GMT -5. The time now is 03:08 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration