Dual-home and forward outgoing requests

Dual-home and forward outgoing requests

[Andy Lego]

Hello,

I have a dual-homed network. Is there any way to tell iptables to
forward all requests for specific service, that come from one
interface, to go back out on the same interface?

Right now I have simply:

-A POSTROUTING -o eth0 -j MASQUERADE
-A POSTROUTING -o eth1 -j MASQUERADE

So, what am I missing?

Thank you.

--
http://legoandy.com

Re: Dual-home and forward outgoing requests

[Chinh Nguyen]

Andy Lego wrote:
> Hello,
> 
> I have a dual-homed network. Is there any way to tell iptables to
> forward all requests for specific service, that come from one
> interface, to go back out on the same interface?
> 
> Right now I have simply:
> 
> -A POSTROUTING -o eth0 -j MASQUERADE
> -A POSTROUTING -o eth1 -j MASQUERADE
> 
> So, what am I missing?
> 
> Thank you.
> 
> --
> http://legoandy.com
> 
Not sure what you mean. Say your device is 10.0.1.5, do you mean that if someone
was to telnet to 10.0.1.5 you would forward it to 10.0.1.10 (10.0.1.0/24 is on
eth0)?

The simplest is to have ip_forwarding on. Then add DNAT and MASQUERADE rules.
Linux routing should take care of the rest.

iptables -A PREROUTING -t nat -p tcp -s 10.0.1.0/24 --dport 23 -j DNAT --to
10.0.1.10
iptables -A POSTROUTING -t nat -j MASQUERADE