Linux - Networking
This forum is for any issue related to networks or networking. Routing, network cards, OSI, etc. Anything is fair game.
Once I had an IPCop firewall, and it was really great. One of the things I did with it was forward port 3389 (remote desktop) to more than one host (DNAT). For example, you can add 2 rules, each of them to source port 3389, but each of them redirects you to a different host (different destination IP with a different destination port). If I want to connect to any one of them from home through remote desktop, just -> (PUBLIC IP:destination port), the port is the destination one.
What I'm wondering is how to do that with iptables. How could I set rules to redirect to two different hosts?
At the most basic:
iptables -t nat -A PREROUTING -p tcp --dport 3389 -j DNAT --to-destination 192.168.1.10
For case one, with 2 different external IPs, it's totally understood.
But for the second scenario, you put different destination ports for the connection to the external IP and none of them is 3389; port 3389 is used for each internal IP we want to connect to. Now, how could we connect from outside? Is that like (public ip:port (3310 or 3320 or 3330))? How would the server distinguish that for the remote desktop tool if we connect to ports other than 3389 and there is no 3389 in the rule for the public IP?
Quote:
For case one, with 2 different external IPs, it's totally understood.
Cool.
Quote:
But for the second scenario, you put different destination ports for the connection to the external IP and none of them is 3389; port 3389 is used for each internal IP we want to connect to. Now, how could we connect from outside? Is that like (public ip:port (3310 or 3320 or 3330))? How would the server distinguish that for the remote desktop tool if we connect to ports other than 3389 and there is no 3389 in the rule for the public IP?
Yes, depending on which port on the public IP you connect to, you will be forwarded to the appropriate box. The ports on the outside don't need to be the same as the ones on the inside.
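The port-to-host mapping described in the answer above, as an added example that is not part of the original thread: a small generator that prints one DNAT rule and one FORWARD rule per public port, rejects duplicate or invalid public ports, and limits each forward to a client source range. The function name `gen_rdp_dnat`, the interface `eth0`, the source range `203.0.113.0/24` and the hosts `192.168.1.20` and `192.168.1.30` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: prints (does not apply) iptables rules that forward several
# public ports to RDP on different internal hosts.
# Constructed values: eth0 as WAN interface, 203.0.113.0/24 as the allowed
# client range, 192.168.1.20 and 192.168.1.30 as the extra internal hosts.
RDP_PORT=3389

# gen_rdp_dnat WAN_IF SRC_CIDR EXT_PORT:INTERNAL_IP ...
# Returns non-zero on a bad mapping; capture the output and check the exit
# status before feeding the rules to a shell.
gen_rdp_dnat() {
    wan_if=$1; src=$2; shift 2
    seen=" "
    for map in "$@"; do
        case $map in *:*) ;; *) echo "bad mapping: $map" >&2; return 1;; esac
        ext=${map%%:*}; host=${map#*:}
        # The public port must be a number in 1..65535.
        case $ext in ''|*[!0-9]*) echo "bad port: $ext" >&2; return 1;; esac
        if [ "$ext" -lt 1 ] || [ "$ext" -gt 65535 ]; then
            echo "bad port: $ext" >&2; return 1
        fi
        # Only the first rule on a given public port would ever match.
        case $seen in *" $ext "*) echo "duplicate port: $ext" >&2; return 1;; esac
        seen="$seen$ext "
        # Rewrite destination to host:3389 before the routing decision.
        echo "iptables -t nat -A PREROUTING -i $wan_if -s $src -p tcp --dport $ext -j DNAT --to-destination $host:$RDP_PORT"
        # Let the rewritten connection through FORWARD (replies are assumed
        # to be covered by an existing ESTABLISHED,RELATED accept rule).
        echo "iptables -A FORWARD -i $wan_if -s $src -d $host -p tcp --dport $RDP_PORT -m conntrack --ctstate NEW -j ACCEPT"
    done
}

# Ports 3310/3320/3330 are the ones mentioned in the thread.
gen_rdp_dnat eth0 203.0.113.0/24 \
    3310:192.168.1.10 3320:192.168.1.20 3330:192.168.1.30
```

The remote desktop client then connects to the public IP on 3310, 3320 or 3330, while every internal host keeps listening on 3389.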