Hi,
How can I config iptables to allow port forwarding from one WAN interface to second lan interface .
In my system I have one wan interface 61.93.204.56 (eth0),and lan interface 10.2.1.52(eth1)
I want to make port forward port no 22 from 61.93.204.56 to
port 22 , 10.2.1.52 , tcp and udp
I try below command but all are not work
Code:
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 22 -j DNAT --to-destination 10.2.1.52:22
iptables -A FORWARD -p tcp -d 10.2.1.52 --dport 22 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A PREROUTING -p udp -i eth0 --dport 22 -j DNAT --to-destination 10.2.1.52:22
iptables -A FORWARD -p udp -d 10.2.1.52 --dport 22 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
Code:
iptables -A PREROUTING -p tcp -m tcp -d 61.93.204.56 --dport 22 -j DNAT --to-destination 10.2.1.52:22
iptables -A FORWARD -m state -p tcp -d 10.2.1.52 --dport 22 --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A POSTROUTING -p tcp -m tcp -s 10.2.1.52 --sport 22 -j SNAT --to-source 61.93.204.56
Code:
iptables -A PREROUTING -t nat -i eth0 -p udp --dport 22 -j DNAT --to 10.2.1.52:22
iptables -A INPUT -p udp -m state --state NEW --dport 22 -i eth0 -j ACCEPT
iptables -A FORWARD -p tcp -m state --state NEW -d 10.2.1.52 --dport 22 -j ACCEPT
Code:
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 22 -j DNAT --to 10.2.1.52:2
iptables -A FORWARD -p tcp -i eth0 -o eth2 -d 10.2.1.52 --dport 22 -j ACCEPT
Please advice how can I make it work .
And how can I open debug for above iptables rule and see what is wrong ???
Please advice ..
