LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page Iptables and DMZ
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 02-28-2008, 03:01 AM   #1
scroogie
LQ Newbie
 
Registered: Feb 2008
Posts: 1

Rep: Reputation: 0
Iptables and DMZ

Hello All

I really really need help on setting up a dmz. I have the following:

eth0 - internal network (*.*.225.20)
eth1 - connect to dsl router (*.*.224.7)
eth2 - dmz (*.*.223.27)

In my dmz I have a web server running apache.

I want to be able to access the webpage from the internet, i have a domain and external dns servers as well as a internal dns server.

What must the iptables look like to forward http request from the internet(eth1) to the dmz (eth2)

Hope this make sense
 
Old 02-28-2008, 03:09 AM   #2
billymayday
LQ Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
Try reading this

http://iptables-tutorial.frozentux.net/
 
Old 02-28-2008, 05:39 AM   #3
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Quote:
Originally Posted by scroogie View Post
What must the iptables look like to forward http request from the internet(eth1) to the dmz (eth2)
It should look like any of the port-forwarding illustrations which are available all over the Web.

Something like this (assuming a FORWARD policy of DROP):
Code:
iptables -t nat -A PREROUTING -p TCP -i eth1 --dport 80 -j DNAT \
--to-destination 192.168.223.27

iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

iptables -A FORWARD -p TCP -i eth1 -o eth2 --dport 80 \
-d 192.168.223.27 -m state --state NEW -j ACCEPT
Last edited by win32sux; 02-28-2008 at 05:41 AM.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
iptables DMZ garnser Linux - Security 2 12-15-2007 12:14 AM
question about iptables (DMZ machine connect to other DMZ machine 's publuic IP) wingmak Linux - Security 1 01-20-2007 04:01 PM
IPTABLES DMZ Rules metallica1973 Linux - Security 5 12-29-2006 09:42 AM
iptables + DMZ Braytac Linux - Networking 3 10-06-2006 05:57 AM
Setting up DMZ with iptables.... ghost-ils Linux - Networking 0 09-09-2001 07:14 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 03:34 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration