Port forwarding and IPtables commands
Alexander Dalloz
ad+lists at uni-x.org
Fri Jan 14 14:24:07 UTC 2005
Am Fr, den 14.01.2005 schrieb Tammar K. Ajam um 10:36:
> i have two PCs, one with two Ethernet cards, one of them is for an
> external connection (ISP connection) and the other is for the internal
> client connection.
> eth0 (Internal connection - 192.168.0.1/24)
> eth1 (External connection , ISP - x.x.x.x/x)
>
> the other PC have FC3 installed with Squid and act as a web cache
> server. and it have one Ethernet, eth0. it's connected to the Internal
> network.
> eth0 (Internal network - IP 192.168.0.2/255.255.255.0)
> what i need is to configure (on the coyote PC) the IPtable to forward
> all request on port 80 (http port) to my FC3 machine on port 3128 the
> default port for Squid.
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 \-j REDIRECT -d
> 192.168.0.2/24 --to-port 3128
> Tammar
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to
192.168.0.2:3128
Maybe you have need to preroute UDP too.
And you will have to allow the traffic in the FORWARD chain, like i.e.
iptables -I FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
Alexander
--
Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.10-1.8_FC2smp
Serendipity 15:15:12 up 3 days, 13:26, load average: 0.38, 0.52, 0.40
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20050114/d153f913/attachment-0002.bin
More information about the users
mailing list