DNAT to web server inside LAN?
Hello all,

I read Andersson's manual about iptables. The output of iptables -t nat -L is as follows:

Code:
    debian:/home/# iptables -t nat -L
    Chain PREROUTING (policy ACCEPT)
    target     prot opt source               destination
    DNAT       tcp  --  anywhere             debian             tcp dpt:www to:10.1.1.2

    Chain POSTROUTING (policy ACCEPT)
    target     prot opt source               destination

    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination

The rules in the script are as follows:

Code:
    #!/bin/bash
    echo " Some comment "

    # Load the netfilter, connection tracking and NAT modules
    /sbin/depmod -a
    /sbin/modprobe ip_tables
    /sbin/modprobe ip_conntrack
    /sbin/modprobe ip_conntrack_ftp
    /sbin/modprobe ip_conntrack_irc
    /sbin/modprobe iptable_nat
    /sbin/modprobe ip_nat_ftp
    /sbin/modprobe ip_nat_irc

    echo " Enabling IP forwarding... "
    echo "1" > /proc/sys/net/ipv4/ip_forward

    # Rewrite the destination of web traffic for the external address
    iptables -t nat -A PREROUTING --dst 150.1.1.1 -p tcp --dport 80 -j DNAT --to-destination 10.1.1.2:80

With this rule I want to forward all packets that are coming from the internet to my external IP address 150.1.1.1 to my internal IP address 10.1.1.2:80, to my web server. On my firewall I have two NICs, eth0=150.1.1.1 and eth1=10.1.1.1. eth1 is connected with RJ-45 to the web server. All I want is to filter traffic from one NIC to the other in order to do traffic filtering for my web server, which is located in the internal network. So write down your comments.

Thanks in advance.
Best wishes.
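The DNAT rule in the post only rewrites addresses; the filtering between the two NICs that the poster asks about happens in the filter table's FORWARD chain. The following is an added example (not part of the original post) that generates both as an iptables-restore ruleset. Interface names and addresses are taken from the post, and the helper names is_ipv4 and gen_rules are assumptions.

```sh
#!/bin/sh
# Added example, not the poster's script. Assumed from the post:
# eth0 = 150.1.1.1 (internet), eth1 = 10.1.1.1 (LAN), web server 10.1.1.2:80.
# is_ipv4 and gen_rules are hypothetical helper names.

is_ipv4() {
    # Dotted quad with every octet in 0..255.
    case $1 in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    _ifs=$IFS; IFS=.; set -- $1; IFS=$_ifs
    [ $# -eq 4 ] || return 1
    for _o in "$@"; do
        [ ${#_o} -le 3 ] && [ "$_o" -le 255 ] || return 1
    done
}

gen_rules() {
    ext_if=$1 int_if=$2 ext_ip=$3 web_ip=$4 port=${5:-80}
    for _n in "$ext_if" "$int_if"; do
        case $_n in ''|*[!A-Za-z0-9._-]*) echo "bad interface" >&2; return 1 ;; esac
    done
    is_ipv4 "$ext_ip" && is_ipv4 "$web_ip" || { echo "bad IPv4 address" >&2; return 1; }
    case $port in ''|*[!0-9]*|??????*) echo "bad port" >&2; return 1 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port" >&2; return 1; }
    # nat: rewrite the destination of web traffic arriving on the external NIC.
    # filter: FORWARD is evaluated after PREROUTING, so it sees the translated
    # destination (web_ip), not ext_ip. Policy DROP blocks everything else
    # that would cross between the two NICs.
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i ${ext_if} -d ${ext_ip} -p tcp --dport ${port} -j DNAT --to-destination ${web_ip}:${port}
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i ${ext_if} -o ${int_if} -d ${web_ip} -p tcp --dport ${port} -m state --state NEW -j ACCEPT
COMMIT
EOF
}

# Review the output, then load it as root (this replaces the nat and filter tables):
#   gen_rules eth0 eth1 150.1.1.1 10.1.1.2 80 | iptables-restore
```

The INPUT and OUTPUT policies are left at ACCEPT here so that loading the ruleset does not cut off access to the firewall itself; traffic addressed to the firewall needs its own INPUT rules.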