IPtables redirect rules

IPtables redirect rules

[Linux]

[-- Attachment #1: Type: text/plain, Size: 302 bytes --]

Hi,

I have a Linux Firewall (MY GATEWAY) doing NAT for a LAN with the IP 192.168.0.x and I have a  Windows 2000 Server as a file server. I would like to do a VPN, but with Win2K. So I want to redirect all VPN requests from the linux machine to my Win2K server. How can I do that?

Thanks,
Charles

[-- Attachment #2: Type: text/html, Size: 855 bytes --]

RE: IPtables redirect rules

[Rob Sterenborg]

> VPN, but with Win2K. So I want to redirect all VPN 
> requests from the linux machine to my Win2K server. 
> How can I do that?

Patch the kernel with the latest patch-o-matic. You need the pptp
conntrack and nat modules.
Configure the kernel so that you get the pptp conntrack and nat modules,
then compile and install it.
Make sure you load the modules when you rebooted and everything goes
well.

The iptables rules :

iptables -P FORWARD DROP

iptables -A FORWARD -i <if_inet> -d <pptp_svr_ip> \
 -m state --state RELATED,ESTABLISHED -j ACCEPT

iptables -A FORWARD -i <if_inet> -d <pptp_svr_ip> \
 -p gre -j ACCEPT
iptables -A FORWARD -i <if_inet> -d <pptp_svr_ip> \
 -p tcp --dport 1723 -j ACCEPT

iptables -t nat -A PREROUTING -i <if_inet> -p gre \
 -j DNAT --to-destination <pptp_svr_ip>
iptables -t nat-A PREROUTING -i <if_inet> -p tcp \
 --dport 1723 -j DNAT --to-destination <pptp_svr_ip>


But I have to tell you (and I read it from other people too) : I got
this working in the past (with kernel 2.4.17), but somehow I can't get
it working anymore. So I installed the poptop server which works fine.


Gr,
Rob