All package in door 25 of the interface "eth0" needs to be redirected for door 25 of the IP aliasing "eth1:0 192.168.0.253"
eth0 = internet (10.1.1.2)
eth1 = lan (192.168.0.254)
eth1:0 = ip aliasing (192.168.0.253)
Code:
#!/bin/bash
LAN=192.168.0.0/24
modprobe ip_tables
modprobe iptable_filter
modprobe iptable_mangle
modprobe iptable_nat
modprobe ip_conntrack_ftp
modprobe ip_nat_ftp
iptables -F
iptables -Z
iptables -X
iptables -t nat -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/ip_dynaddr
iptables -t mangle -A OUTPUT -o eth0 -p tcp -m multiport --dports 80,22 -j TOS --set-tos 0x10
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --dport 110 -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --dport 143 -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --dport 445 -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --dport 3128 -j ACCEPT
iptables -A INPUT -i eth1 -p icmp -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth0 -p tcp --dport 3389 -j ACCEPT
iptables -A FORWARD -i eth0 -p tcp --dport 5631 -j ACCEPT
iptables -A FORWARD -i eth0 -p tcp --dport 5632 -j ACCEPT
iptables -A FORWARD -i eth0 -p tcp --dport 25 -j ACCEPT
iptables -A FORWARD -i eth1 -p tcp --dport 53 -j ACCEPT
iptables -A FORWARD -i eth1 -p udp --dport 53 -j ACCEPT
iptables -A FORWARD -i eth1 -p tcp --dport 443 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 25 -j DNAT --to 192.168.0.253
But it is not functioning, somebody knows the reason?
