LinuxQuestions.org
Old 12-17-2009, 03:15 AM   #1
brb_bart
LQ Newbie
 
Registered: Dec 2009
Posts: 1

Rep: Reputation: 0
iptables redirect all traffic from external ip to internal ip


Hi,

I have Linux 2.6.18-164.6.1.el5 and I'm trying to redirect all traffic from the external IP configured on ifcfg-eth0:2 to one Win virtual machine in VMware (host-only) using iptables.

I tried:

Code:
iptables -t nat -A PREROUTING -d 74.36.32.241 -j DNAT --to-destination 192.168.0.10
iptables -t nat -A POSTROUTING -s 192.168.0.10 -j SNAT --to-source 74.36.32.241
but it doesn't work; I think I'm missing something.

I'm a newbie, please help!

These are my current rules, but they don't work:

Code:
Table: mangle
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination         

Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
num  target     prot opt source               destination         

Table: nat
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination         
1    DNAT       all  --  0.0.0.0/0            74.36.32.241       to:192.168.0.10 
2    DNAT       all  --  0.0.0.0/0            74.36.32.241       to:192.168.0.10 
3    DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:3389 to:192.168.0.10:3389 

Chain POSTROUTING (policy ACCEPT)
num  target     prot opt source               destination         
1    SNAT       all  --  192.168.0.10        0.0.0.0/0           to:74.36.32.241 

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination         

Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination         
1    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:3389 
2    spamlist   all  --  0.0.0.0/0            0.0.0.0/0           
3    DROP       tcp  --  0.0.0.0/0            127.0.0.0/8         
4    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
5    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
6    DROP       all  --  224.0.0.0/4          0.0.0.0/0           
7    PUB_IN     all  --  0.0.0.0/0            0.0.0.0/0           
8    PUB_IN     all  --  0.0.0.0/0            0.0.0.0/0           
9    PUB_IN     all  --  0.0.0.0/0            0.0.0.0/0           
10   PUB_IN     all  --  0.0.0.0/0            0.0.0.0/0           
11   DROP       all  --  0.0.0.0/0            0.0.0.0/0           

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination         
1    spamlist   all  --  0.0.0.0/0            0.0.0.0/0           
2    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
3    DROP       all  --  0.0.0.0/0            0.0.0.0/0           
4    ACCEPT     tcp  --  192.168.0.0/24       0.0.0.0/0           
5    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:3389 

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination         
1    spamlist   all  --  0.0.0.0/0            0.0.0.0/0           
2    PUB_OUT    all  --  0.0.0.0/0            0.0.0.0/0           
3    PUB_OUT    all  --  0.0.0.0/0            0.0.0.0/0           
4    PUB_OUT    all  --  0.0.0.0/0            0.0.0.0/0           
5    PUB_OUT    all  --  0.0.0.0/0            0.0.0.0/0           

Chain INT_IN (0 references)
num  target     prot opt source               destination         
1    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           
2    DROP       all  --  0.0.0.0/0            0.0.0.0/0           

Chain INT_OUT (0 references)
num  target     prot opt source               destination         
1    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           
2    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           

Chain PAROLE (30 references)
num  target     prot opt source               destination         
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           

Chain POSTROUTING (0 references)
num  target     prot opt source               destination         

Chain PREROUTING (0 references)
num  target     prot opt source               destination         

Chain PUB_IN (4 references)
num  target     prot opt source               destination         
1    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 3 
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 0 
3    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 11 
4    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8 
6    PAROLE     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:21 
10   PAROLE     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80 
37   DROP       icmp --  0.0.0.0/0            0.0.0.0/0           
38   DROP       all  --  0.0.0.0/0            0.0.0.0/0           

Chain PUB_OUT (4 references)
num  target     prot opt source               destination         
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           

Chain spamlist (3 references)
num  target     prot opt source               destination         
1    LOG        all  --  91.150.170.5         0.0.0.0/0           LOG flags 0 level 4 prefix `SPAM LIST DROP' 
2    DROP       all  --  91.150.170.5         0.0.0.0/0
 
Old 12-17-2009, 07:56 PM   #2
nimnull22
Senior Member
 
Registered: Jul 2009
Distribution: OpenSuse 11.1, Fedora 14, Ubuntu 12.04/12.10, FreeBSD 9.0
Posts: 1,571

Rep: Reputation: 92
Have you enabled forwarding?

Code:
echo "1" > /proc/sys/net/ipv4/ip_forward

Last edited by nimnull22; 12-17-2009 at 08:05 PM.
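
The FORWARD chain from the question run through a first-match check, together with the forwarding check from the reply, as an added example that is not part of either post. The function names are made up for this sketch, and because a listing without `-v` hides interface matches, a flagged rule is only a candidate to confirm with `iptables -L -n -v --line-numbers`.

```shell
#!/bin/sh
# Added example: iptables stops at the first terminating rule that matches,
# so anything listed after an unconditional DROP/ACCEPT may never be reached.

# FORWARD chain copied from the listing in the question.
forward_chain_from_post() {
cat <<'EOF'
Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination
1    spamlist   all  --  0.0.0.0/0            0.0.0.0/0
2    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
3    DROP       all  --  0.0.0.0/0            0.0.0.0/0
4    ACCEPT     tcp  --  192.168.0.0/24       0.0.0.0/0
5    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:3389
EOF
}

# Reads `iptables -L -n --line-numbers` output on stdin (hypothetical helper).
shadowed_rules() {
    awk '
        /^Chain / { chain = $2; catchall = 0; next }  # new chain: reset state
        $1 !~ /^[0-9]+$/ { next }                     # skip headers and blanks
        {
            # Fields: num target prot opt source destination [match options]
            if (catchall) {
                printf "%s rule %s (%s) is after catch-all rule %d\n", chain, $1, $2, catchall
            } else if (($2 == "DROP" || $2 == "ACCEPT") && $3 == "all" &&
                       $5 == "0.0.0.0/0" && $6 == "0.0.0.0/0" && NF == 6) {
                catchall = $1 + 0
            }
        }
    '
}

# The check from the reply: succeeds only when the kernel forwards IPv4.
# $1 is an optional path so the function can be pointed at a test file.
forwarding_enabled() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]
}

forward_chain_from_post | shadowed_rules
if forwarding_enabled; then
    echo "ip_forward is 1"
else
    echo "ip_forward is not 1"
fi
```

On a live host, pipe `iptables -L -n --line-numbers` into `shadowed_rules` instead of the embedded listing.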
 
  


All times are GMT -5.