From: "Ranjeet Shetye" <ranjeet.shetye@zultys.com>
To: netfilter@lists.netfilter.org
Subject: RE: natting specific ports
Date: Fri, 13 Dec 2002 09:57:34 -0800 [thread overview]
Message-ID: <000c01c2a2d1$1e14cf20$0100a8c0@zultys.com> (raw)
In-Reply-To: <CAFAAEC91CC8D511952000062938C6F12ECDC0@ozlan.fcdomain.net>
Hi Doug,
Do you want to NAT for traffic coming in or for traffic going out ?
If you want your internal network to be able to reach external telnet
and smtp servers, then your destination port will be 23 or 25, not your
source port.
If you want to host telnet and smtp servers behind a firewall and allow
only NATted access to these servers, then you should be using DNAT, not
SNAT.
Hope this helps,
Ranjeet Shetye
Senior Software Engineer
Zultys Technologies
771 Vaqueros Avenue
Sunnyvale CA 94085
USA
Ranjeet.Shetye@Zultys.com
http://www.zultys.com/
> -----Original Message-----
> From: netfilter-admin@lists.netfilter.org
> [mailto:netfilter-admin@lists.netfilter.org] On Behalf Of
> Simpson, Doug
> Sent: Friday, December 13, 2002 9:49 AM
> To: 'netfilter@lists.netfilter.org'
> Subject: natting specific ports
>
>
> I want to "NAT" just specific ports to my Public IP. Do the
> commands below make sense? I want my internal network to be
> able to telnet and send email. (eth0 is my External NIC - it
> is exposed to the internet)
> iptables -t nat -A POSTROUTING -p tcp --sport 25 -o eth0 -s
> $INTERNAL_IP -j SNAT --to $EXTERNAL_IP iptables -t nat -A
> POSTROUTING -p tcp --sport 23 -o eth0 -s $INTERNAL_IP -j SNAT
> --to $EXTERNAL_IP
>
> Thank you,
> Doug
>
next prev parent reply other threads:[~2002-12-13 17:57 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-12-13 17:48 natting specific ports Simpson, Doug
2002-12-13 17:57 ` Ranjeet Shetye [this message]
[not found] <CAFAAEC91CC8D511952000062938C6F12ECDC4@ozlan.fcdomain.net>
2002-12-13 19:34 ` Ranjeet Shetye
[not found] <CAFAAEC91CC8D511952000062938C6F12ECDC6@ozlan.fcdomain.net>
2002-12-13 20:14 ` Ranjeet Shetye
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='000c01c2a2d1$1e14cf20$0100a8c0@zultys.com' \
--to=ranjeet.shetye@zultys.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.