Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm trying to set up IP masquerading under iptables. Essentially, I want to forward any traffic to port 7070 on a static IP address machine to a DHCP assigned address (192.168.1.*) machine behind it to port 80 since we've got no public IP addresses spare. After reading up on iptables, I figured this should work as a config (/etc/sysconfig/iptables) on the static IP machine: -
Code:
-A PREROUTING -p tcp -i eth0 --dport 7070 -j DNAT --to 192.168.1.8:80
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -p tcp -i eth0 -o eth0 -d 192.168.1.8 --dport 80 -m state --state NEW -j ACCEPT
...but when restarting the iptables service, it complains about the first line (but fails to explain why). What am I doing wrong?
I've enabled ip_forward = 1 module.
I'm also not sure if I should be editing the /etc/sysconfig/iptables file directly....how should this be done usually? I'm using Fedora 12.
...
I'm trying to set up IP masquerading under iptables. Essentially, I want to forward any traffic to port 7070 on a static IP address machine to a DHCP assigned address (192.168.1.*)
...
1. Masquerading and forwarding - two different tasks.
2. Forward traffic to DHCP assigned IP is difficult, because how knows which IP your host will get next time. I suggest to give it a static IP, like 192.168.1.20.
Thanks spampig for your helpful response - I'll try it. I gather using "iptables" from the command-line is different to inserting this rule directly into the iptables config file? I've inserted rule like this before, but they don't seem to be reflected in the /etc/sysconfig/iptables config file. Where are these rules stored if not there? I'd prefer to add these directives directly to some sort of configuration file, if possible.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.