All of lore.kernel.org
 help / color / mirror / Atom feed
* Does IPTables have a 1:1 port-forwarding capability for a DNAT port-range ?
@ 2002-12-13  0:34 Ranjeet Shetye
  2002-12-13  9:02 ` Query.... redirecting traffic Paul Gibson
  2002-12-13 12:02 ` Does IPTables have a 1:1 port-forwarding capability for a DNAT port-range ? Andrea Rossato
  0 siblings, 2 replies; 7+ messages in thread
From: Ranjeet Shetye @ 2002-12-13  0:34 UTC (permalink / raw)
  To: netfilter


Reposting without all the MIME attachments - my apologies for the crud
from Outlook. Here's my question again in plaintext.

DNAT:
 
Is it possible to have a SINGLE (DNAT?) rule that will let me do 1:1
port-forwarding over a range of ports while doing Destination NAT.
 
e.g. Any incoming connections to 64.1.0.20:100-101 need to be mapped to
172.16.0.100:200-201 for the TCP protocol.
 
such that a connection to port 101 will ALWAYS map to port 201 and a
connection to port 100 will ALWAYS map to port 200.
 
Under current DNAT port range scenario, the connection goes to the
lowest port that is free e.g. a port 101 connection will be DNATt'ed to
port 200 if port 200 is free.
 
The reason for wanting a 1:1 rule is for X windows and other fat port
ranges. Dont want hundreds of rules in there if one can do the job. Can
IPTables do it ? If so how ? If not, I guess I'll have to get in touch
with the developers for tips on a good starting point.
 
Thanks in advance,
Ranjeet Shetye.




^ permalink raw reply	[flat|nested] 7+ messages in thread
* Does IPTables have a 1:1 port-forwarding capability for a DNAT port-range ?
@ 2002-12-13  0:24 Ranjeet Shetye
  0 siblings, 0 replies; 7+ messages in thread
From: Ranjeet Shetye @ 2002-12-13  0:24 UTC (permalink / raw)
  To: netfilter


[-- Attachment #1.1: Type: text/plain, Size: 865 bytes --]

 
DNAT:
 
Is it possible to have a SINGLE (DNAT?) rule that will let me do 1:1
port-forwarding over a range of ports while doing Destination NAT.
 
e.g. Any incoming connections to 64.1.0.20:100-101 need to be mapped to
172.16.0.100:200-201 for the TCP protocol.
 
such that a connection to port 101 will ALWAYS map to port 201 and a
connection to port 100 will ALWAYS map to port 200.
 
Under current DNAT port range scenario, the connection goes to the
lowest port that is free e.g. a port 101 connection will be DNATt'ed to
port 200 if port 200 is free.
 
The reason for wanting a 1:1 rule is for X windows and other fat port
ranges. Dont want hundreds of rules in there if one can do the job. Can
IPTables do it ? If so how ? If not, I guess I'll have to get in touch
with the developers for tips on a good starting point.
 
Thanks in advance,
Ranjeet Shetye



[-- Attachment #1.2: Type: text/html, Size: 2123 bytes --]

[-- Attachment #2: Leaves Bkgrd.jpg --]
[-- Type: image/jpeg, Size: 4389 bytes --]

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2002-12-13 17:45 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-12-13  0:34 Does IPTables have a 1:1 port-forwarding capability for a DNAT port-range ? Ranjeet Shetye
2002-12-13  9:02 ` Query.... redirecting traffic Paul Gibson
2002-12-13  9:47   ` Sander Sneekes
2002-12-13  9:57     ` Paul Gibson
2002-12-13 12:02 ` Does IPTables have a 1:1 port-forwarding capability for a DNAT port-range ? Andrea Rossato
2002-12-13 17:45   ` Ranjeet Shetye
  -- strict thread matches above, loose matches on Subject: below --
2002-12-13  0:24 Ranjeet Shetye

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.