Iptables help w/ internal interface
I'm looking to set up IMAP for people to use outside of work and inside of work. The problem is that I don't want them to have to keep changing the server to connect to. Externally they would have to connect to "www.server.com:4566", and internally "server:4566". I have an external adapter "eth0" and an internal adapter "eth1", plus a server running the IMAP server. I can make the connection from eth0 to the IMAP server; how do I make the connection bounce from eth1 to the IMAP server?
I've tried:
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 4566 -j DNAT --to-destination 192.168.0.249:4566
iptables -t filter -A FORWARD -i eth1 -o eth1 -p tcp -m state --dport 4566 --syn --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth1 -d 192.168.0.249 --dport 4566 -j ACCEPT
The last two not at the same time.
If someone has a better idea about how to do it, I'd appreciate it.
TIA