All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Ranjeet Shetye" <ranjeet.shetye@zultys.com>
To: netfilter@lists.netfilter.org
Subject: Does IPTables have a 1:1 port-forwarding capability for a DNAT port-range ?
Date: Thu, 12 Dec 2002 16:24:48 -0800	[thread overview]
Message-ID: <000001c2a23e$0be22fc0$0100a8c0@zultys.com> (raw)


[-- Attachment #1.1: Type: text/plain, Size: 865 bytes --]

 
DNAT:
 
Is it possible to have a SINGLE (DNAT?) rule that will let me do 1:1
port-forwarding over a range of ports while doing Destination NAT.
 
e.g. Any incoming connections to 64.1.0.20:100-101 need to be mapped to
172.16.0.100:200-201 for the TCP protocol.
 
such that a connection to port 101 will ALWAYS map to port 201 and a
connection to port 100 will ALWAYS map to port 200.
 
Under current DNAT port range scenario, the connection goes to the
lowest port that is free e.g. a port 101 connection will be DNATt'ed to
port 200 if port 200 is free.
 
The reason for wanting a 1:1 rule is for X windows and other fat port
ranges. Dont want hundreds of rules in there if one can do the job. Can
IPTables do it ? If so how ? If not, I guess I'll have to get in touch
with the developers for tips on a good starting point.
 
Thanks in advance,
Ranjeet Shetye



[-- Attachment #1.2: Type: text/html, Size: 2123 bytes --]

[-- Attachment #2: Leaves Bkgrd.jpg --]
[-- Type: image/jpeg, Size: 4389 bytes --]

             reply	other threads:[~2002-12-13  0:24 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-12-13  0:24 Ranjeet Shetye [this message]
  -- strict thread matches above, loose matches on Subject: below --
2002-12-13  0:34 Does IPTables have a 1:1 port-forwarding capability for a DNAT port-range ? Ranjeet Shetye
2002-12-13 12:02 ` Andrea Rossato
2002-12-13 17:45   ` Ranjeet Shetye

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='000001c2a23e$0be22fc0$0100a8c0@zultys.com' \
    --to=ranjeet.shetye@zultys.com \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.