LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Can someone help me to creat a IPTables rule (https://www.linuxquestions.org/questions/linux-newbie-8/can-someone-help-me-to-creat-a-iptables-rule-928238/)

danykallery 02-08-2012 12:46 AM

Can someone help me to creat a IPTables rule
 
i need all http traffic comes to 10.100.108.3 redirect to 10.20.10.100:80 port.

can some one help me to sort this issue. i am not goot in NAT configuration.

10.100.108.3 (Local Server) Connected with VPN username password

10.20.10.100 - Remote server



10.100.109.46/32 (Client http request)******-10.100.108.3/32-redirect-*******10.20.10.100:80

Whenever (10.100.109/110.0 / 32 network trying to connect 10.100.108.3:80...needs to get responds from 10.20.10.100:80

War3zWad|0 02-08-2012 05:56 AM

Well had you done any Google searches you would have come up with many different examples, but hey you go:

Code:

iptables -A PREROUTING -t nat -i ethX -p tcp --dport 80 -j DNAT --to 10.20.10.100:80
iptables -A INPUT -p tcp -m state --state NEW --dport 80 -i eth1 -j ACCEPT

of course change ethX to the NIC that is going to be accepting and forwarding


Then to make it a little more secure you could specify the source network so the 10.100.109.46/32 only go to the forwarded port:
Code:

iptables -A PREROUTING -t nat -i eth1 -p tcp --source 10.100.109.46/32 --dport 80 -j DNAT --to 10.20.10.100:80
some sites with some good examples:
http://www.debian-administration.org/articles/73

http://www.cyberciti.biz/faq/linux-p...with-iptables/


Google can be your friend as there have been many before you that have wanted to do exactly what you are trying to do.

frankbell 02-08-2012 09:45 PM

Here's a link to the firewall script that one of the members of my LUG posted. Perhaps it will help.


All times are GMT -5. The time now is 07:16 AM.