From: bdameron@tscnet.net
To: netfilter@lists.netfilter.org
Subject: Re: Packet forwarding.
Date: Wed, 7 Apr 2004 10:25:21 -0700 [thread overview]
Message-ID: <1081358721.40743981919b2@mail.tscnet.net> (raw)
In-Reply-To: <200404071814.34654.Antony@Soft-Solutions.co.uk>
Quoting Antony Stone <Antony@Soft-Solutions.co.uk>:
> On Wednesday 07 April 2004 6:00 pm, bdameron@tscnet.net wrote:
>
> > I have 2 linux machines. One is accessable via the outside world
> (Internet
> > machine) the other has no outside connectivity (LAN Machine). I need to
> > redirect port 443 traffic to and from the LAN server via the Internet
> > machine. Is this possible with Iptables?
>
> Yes. Have you read any of the tutorials or HOWTOs available from
> http://www.netfilter.org to find out what it can do and how to make it do
> it?
>
> > I have setup packet forwarding but then the LAN server tries to connect
> > directly to the client machine instead of to the Internet machine. Any
> > direction appreciated.
>
> If you tell us what your rules are and give us some more detail about your
> network setup, we might be able to help, however a better solution for you is
>
> to look at some of the excellent documentation available to learn how to do
> it yourself. This is not a hard problem, and you will be able to manage
> your system much better in future if you understand more about how it works.
>
> One very important detail which is not clear from your description above is:
>
> where is the "client machine" located?
>
> Regards,
>
> Antony.
>
Client machine being anyone from the outside world. And I have looked over
some of the documentation. Basically there is no current firewall policies. Just
want anything coming in on xxx.xxx.xxx.xxx:443 (Internet Machine) to be routed
to 10.10.1.110:443 (Internal Lan Machine). Looks like I need to mangle the
packet header so that the Lan machine thinks that the Internet machine is
sending the packet and then have the Internet machine redirect the packet to the
client. Client again being someone on the Internet. Not sure if this can be done
or not. Correct me if I am wrong.
--
Thank you,
Brad Dameron
next prev parent reply other threads:[~2004-04-07 17:25 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-04-07 17:00 Packet forwarding bdameron
2004-04-07 17:14 ` Antony Stone
2004-04-07 17:25 ` bdameron [this message]
2004-04-07 17:37 ` Antony Stone
2004-04-07 20:04 ` bdameron
2004-04-07 20:30 ` Antony Stone
2004-04-07 17:28 ` Alexis
-- strict thread matches above, loose matches on Subject: below --
2003-06-25 15:27 packet forwarding Drake Henderson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1081358721.40743981919b2@mail.tscnet.net \
--to=bdameron@tscnet.net \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.