Old 08-03-2010, 12:46 PM   #1
hobbes80
IPTables port forwarding to routed IP


Hello-

I have a Linux server I'm intending to use as a firewall.
The server has the following adapters:
eth0 - Public IP (VLAN2)
eth0:1 - Public IP2 (VLAN2)
eth1 - 10.241.4.4 (VLAN4)

The default gateway is my ISP's gateway.
Additionally, I have the following route set:
route add -net 10.0.0.0 netmask 255.0.0.0 gw 10.241.4.1

I have a server that exists on VLAN 208 at IP 10.241.209.67/21; its GW is 10.241.208.1 (first IP in /21 range).

As it is on the 10.0.0.0/8 network, traffic from the firewall is successfully routed from that server through my router to the FW and out to the Internet. The FW can ping, ssh, etc. the server and vice versa.

I want an iptables rule that will allow me to forward port 4401 on eth0:1 to 10.241.209.67:4401.

Is this possible since the IP is not on the same subnet as eth1, even though it is accessible?

I am very new to iptables, though I'm a bit better than a neophyte Linux user. I have not made port forwards with it in the past without scripts to assist, so I'm looking for not just "it is possible", but also the syntax of how to add it.

Thanks in advance.

Last edited by hobbes80; 08-03-2010 at 12:47 PM.
 
Old 08-03-2010, 03:57 PM   #2
tlowk
IP2= ip address of eth0:1
iptables -t nat -A PREROUTING -d ${IP2} --protocol tcp --dport 4401 -j DNAT --to-destination 10.241.209.67:4401

When the packet arrives with the destination address IP2, it will change the destination address to the one you specify at the end; then the normal routing will apply and the packet will end up at the right place.

Make sure that there is a 1 in /proc/sys/net/ipv4/ip_forward.
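
The full rule set this answer implies, as an added example that is not part of the original thread: besides the DNAT rule and ip_forward, the rewritten packet also has to be accepted in the FORWARD chain when that chain's policy is DROP. The function names are hypothetical, 203.0.113.10 is a constructed stand-in for the public address on eth0:1, and the script only prints the commands so they can be reviewed before being run as root.

```shell
#!/bin/sh
# Added example: print (dry run) the full rule set for one DNAT port forward.

# valid_port PORT: succeeds only for an integer in 1..65535
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# valid_ipv4 ADDR: succeeds only for a dotted quad with octets 0..255
valid_ipv4() {
    case "$1" in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do [ "$octet" -le 255 ] || return 1; done
}

# valid_ifname NAME: plain interface names only (no aliases such as eth0:1)
valid_ifname() {
    case "$1" in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac
}

# forward_rules PUBLIC_IP PORT TARGET_IP OUT_IF: prints the commands to run
forward_rules() {
    valid_ipv4 "$1" && valid_port "$2" && valid_ipv4 "$3" && valid_ifname "$4" || {
        echo "usage: forward_rules PUBLIC_IP PORT TARGET_IP OUT_IF" >&2
        return 1
    }
    # The kernel must route between interfaces or the DNAT'd packet goes nowhere.
    echo "sysctl -w net.ipv4.ip_forward=1"
    # Rewrite the destination. Match the alias by address (-d); iptables does
    # not take alias names like eth0:1 for -i.
    echo "iptables -t nat -A PREROUTING -d $1 -p tcp --dport $2 -j DNAT --to-destination $3:$2"
    # After DNAT the packet crosses FORWARD with its new destination. With a
    # DROP policy there, admit only this flow and the replies tracked for it.
    echo "iptables -A FORWARD -o $4 -d $3 -p tcp --dport $2 -m conntrack --ctstate NEW -j ACCEPT"
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
}

# Constructed sample: 203.0.113.10 stands in for the public IP on eth0:1.
forward_rules 203.0.113.10 4401 10.241.209.67 eth1
```

The replies are translated back only if they return through this firewall, which holds in the setup described in the question because the server's Internet traffic already leaves via the FW.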
 
Old 08-03-2010, 07:51 PM   #3
hobbes80
Thank you, this resolved my issue.
 
  

