LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-08-2012, 12:46 AM   #1
danykallery
LQ Newbie
 
Registered: Oct 2006
Location: Kerala, India
Distribution: RedHat, Fedora, Cent OS
Posts: 23

Rep: Reputation: 0
Can someone help me to creat a IPTables rule


i need all http traffic comes to 10.100.108.3 redirect to 10.20.10.100:80 port.

can some one help me to sort this issue. i am not goot in NAT configuration.

10.100.108.3 (Local Server) Connected with VPN username password

10.20.10.100 - Remote server



10.100.109.46/32 (Client http request)******-10.100.108.3/32-redirect-*******10.20.10.100:80

Whenever (10.100.109/110.0 / 32 network trying to connect 10.100.108.3:80...needs to get responds from 10.20.10.100:80
 
Old 02-08-2012, 05:56 AM   #2
War3zWad|0
Member
 
Registered: Sep 2011
Location: Houston, TX
Distribution: openSuSE, Fedora, CentOS, Debian,, and others
Posts: 84

Rep: Reputation: Disabled
Well had you done any Google searches you would have come up with many different examples, but hey you go:

Code:
iptables -A PREROUTING -t nat -i ethX -p tcp --dport 80 -j DNAT --to 10.20.10.100:80
iptables -A INPUT -p tcp -m state --state NEW --dport 80 -i eth1 -j ACCEPT
of course change ethX to the NIC that is going to be accepting and forwarding


Then to make it a little more secure you could specify the source network so the 10.100.109.46/32 only go to the forwarded port:
Code:
iptables -A PREROUTING -t nat -i eth1 -p tcp --source 10.100.109.46/32 --dport 80 -j DNAT --to 10.20.10.100:80
some sites with some good examples:
http://www.debian-administration.org/articles/73

http://www.cyberciti.biz/faq/linux-p...with-iptables/


Google can be your friend as there have been many before you that have wanted to do exactly what you are trying to do.
 
Old 02-08-2012, 09:45 PM   #3
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Debian, Mint, OpenBSD
Posts: 11,361
Blog Entries: 12

Rep: Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751Reputation: 2751
Here's a link to the firewall script that one of the members of my LUG posted. Perhaps it will help.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
iptables: rule with RETURN target just after a rule with ACCEPT target Nerox Linux - Networking 6 09-04-2011 04:33 PM
[SOLVED] IPtables rule szboardstretcher Linux - Security 7 02-24-2011 08:30 PM
Iptables rule psix Linux - Security 3 11-08-2010 02:50 AM
iptables rule DJ29Joesph Linux - Security 4 11-04-2008 01:55 AM
help with iptables rule!! vishamr2000 Linux - Security 6 11-09-2005 06:34 AM


All times are GMT -5. The time now is 07:10 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration