Linux Iptables: difference between revisions

From Rolandow

Revision as of 25 Jul 2011 at 13:30

port forwarding

This seemed to work for me:

First of all, check whether forwarding is allowed at all:

cat /proc/sys/net/ipv4/conf/ppp0/forwarding 
cat /proc/sys/net/ipv4/conf/eth0/forwarding

If both return '1', forwarding is enabled. If not, enable it:

echo '1' > /proc/sys/net/ipv4/conf/ppp0/forwarding
echo '1' > /proc/sys/net/ipv4/conf/eth0/forwarding

Second, DNAT can only be applied in the nat table, so the rule must include the table specification ('-t nat'):

iptables -t nat -A PREROUTING -p tcp -i ppp0 --dport 8001 -j DNAT --to-destination 192.168.1.200:8080
iptables -A FORWARD -p tcp -d 192.168.1.200 --dport 8080 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

Both rules apply only to TCP traffic (if you want to forward UDP as well, you need to add similar rules with the '-p udp' option set).

Last but not least is the routing configuration. Type:

ip route

and check that 192.168.1.0/24 is among the returned routing entries.

Source at serverfault
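
The three checks above (per-interface forwarding, a FORWARD rule for each DNAT target, and the LAN route) as an added example that is not part of the original page or the serverfault answer. It works on `iptables-save` and `ip route` output as text; the function names, `PROC_ROOT` and the sample ruleset are assumptions constructed for illustration, and only a FORWARD rule with the exact protocol, destination and port counts as a match.

```shell
#!/bin/sh
# Added example: audit the preconditions for a DNAT port forward.
# PROC_ROOT is an assumption so the check can be pointed at a test tree.
PROC_ROOT="${PROC_ROOT:-/proc}"

# forwarding_enabled IFACE: succeeds if the per-interface flag reads 1.
forwarding_enabled() {
    [ "$(cat "$PROC_ROOT/sys/net/ipv4/conf/$1/forwarding" 2>/dev/null)" = "1" ]
}

# dnat_without_forward: reads iptables-save output on stdin and prints each
# DNAT target ("proto ip:port") that has no FORWARD ACCEPT rule with the
# same protocol, destination and port. Broader accepts are not considered.
dnat_without_forward() {
    awk '
    function opt(name,   i) {   # value that follows option "name" on this line
        for (i = 1; i < NF; i++) if ($i == name) return $(i + 1)
        return ""
    }
    $1 == "-A" && $2 == "PREROUTING" && opt("-j") == "DNAT" {
        dnat[opt("-p") " " opt("--to-destination")] = 1
    }
    $1 == "-A" && $2 == "FORWARD" && opt("-j") == "ACCEPT" {
        d = opt("-d"); sub(/\/32$/, "", d)   # iptables-save appends /32 to hosts
        ok[opt("-p") " " d ":" opt("--dport")] = 1
    }
    END { for (k in dnat) if (!(k in ok)) print k }
    '
}

# route_present CIDR: reads "ip route" output on stdin, succeeds if CIDR is listed.
route_present() {
    awk -v net="$1" '$1 == net { found = 1 } END { exit !found }'
}

# Constructed sample: the TCP forward from this page plus a UDP DNAT rule
# that was added without the matching FORWARD rule.
SAMPLE_RULES='*nat
-A PREROUTING -i ppp0 -p tcp -m tcp --dport 8001 -j DNAT --to-destination 192.168.1.200:8080
-A PREROUTING -i ppp0 -p udp -m udp --dport 5353 -j DNAT --to-destination 192.168.1.200:53
COMMIT
*filter
-A FORWARD -d 192.168.1.200/32 -p tcp -m tcp --dport 8080 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
COMMIT'
printf '%s\n' "$SAMPLE_RULES" | dnat_without_forward
```

On a live gateway, feed it real data instead: `iptables-save | dnat_without_forward` and `ip route | route_present 192.168.1.0/24`.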