All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Jörg Harmuth" <harmuth@mnemon.de>
To: netfilter@lists.netfilter.org
Subject: Re: Forwarding to another ip:port based on source
Date: Tue, 25 Oct 2005 12:07:24 +0200	[thread overview]
Message-ID: <435E03DC.90900@mnemon.de> (raw)
In-Reply-To: <200510240628.j9O6Skw3002058@linux.tonyspencer.co.uk>

Tony Spencer wrote:
> Hi 
> 
> Is it possible to have an IPTables rule that will forward any packets on a
> given port to another ip address and port based on where the packet came
> from?

Yes

> For example if I have a server on IP 192.168.0.1 and any requests into that
> server on port 80 from a source IP of 192.168.1.10 and want to force those
> packets to our squid server 192.168.0.11 on port 3128. But only for the IP
> 192.168.1.10, all other requests to the server on port 80 should stay local?

Use -s option like this:

-t nat -A PREROUTING -p tcp --dort 80 -s 192.168.1.10 \
    -j DNAT --to 192.168.0.11:3128

Probably you will have to SNAT too. Watch with tcpdump.

HTH,

Joerg



      reply	other threads:[~2005-10-25 10:07 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-10-24  6:29 Forwarding to another ip:port based on source Tony Spencer
2005-10-25 10:07 ` Jörg Harmuth [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=435E03DC.90900@mnemon.de \
    --to=harmuth@mnemon.de \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.