[LARTC] Router for giving more than 1 ip

From: carlos lorente <soygayperotu@eresmas.com>
To: lartc@vger.kernel.org
Subject: [LARTC] Router for giving more than 1 ip
Date: Thu, 28 Aug 2003 22:18:05 +0000	[thread overview]
Message-ID: <marc-lartc-106228319506856@msgid-missing> (raw)

Hi i have a debian box working as a router.. it works quite well, now 
i want to give more than 1 ip.. is it possible to do it? some of them 
must be an open ip.. i mean.. all ports opened is it possible? how 
should i do it?

Here is my nat.sh script just in case someone wants it.. (comments r 
in spanish.. and not right)

Thanks in advance,

#!/bin/sh

echo "AthoS LaN Generando iptables..." > /dev/tty12

#limpiamos las tablas de iptables
iptables -F
iptables -t nat -F
iptables -t filter -F

#eth1 sera la interfaz de internet
iptables --table nat --append POSTROUTING --out-interface eth1 -j 
MASQUERADE

#eth0 la interfaz de la red local
iptables --append FORWARD --in-interface eth0 -j ACCEPT

#activamos el forward
echo 1 > /proc/sys/net/ipv4/ip_forward

#reglas para enrutado de paketes...

#1.- redirecciona las peticiones del puerto 21 a mi pc
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 21 -j DNAT --to 
192.168.0.16:21
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 143 -j DNAT --to 
192.168.0.16:143
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 993 -j DNAT --to 
192.168.0.16:993
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 995 -j DNAT --to 
192.168.0.16:995
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 110 -j DNAT --to 
192.168.0.16:110
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 10000 -j DNAT --
to 192.168.0.16:10000
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 
192.168.0.16:80
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 8000 -j DNAT --to 
192.168.0.16:8000
iptables -t nat -A PREROUTING -i eth1 -p udp --dport 8000 -j DNAT --to 
192.168.0.16:8000
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 8001 -j DNAT --to 
192.168.0.16:8001
iptables -t nat -A PREROUTING -i eth1 -p udp --dport 8001 -j DNAT --to 
192.168.0.16:8001
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 5555 -j DNAT --to 
192.168.0.13:5555
iptables -t nat -A PREROUTING -i eth1 -p udp --dport 5556 -j DNAT --to 
192.168.0.13:5556

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 53 -j DNAT --to 
192.168.0.16:53
iptables -t nat -A PREROUTING -i eth1 -p udp --dport 53 -j DNAT --to 
192.168.0.16:53
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 23 -j DNAT --to 
192.168.0.16:23
iptables -t nat -A PREROUTING -i eth1 -p udp --dport 23 -j DNAT --to 
192.168.0.16:23
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 25 -j DNAT --to 
192.168.0.16:25
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 110 -j DNAT --to 
192.168.0.16:110
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 3306 -j DNAT --to 
192.168.0.16:3306
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 143 -j DNAT --to 
192.168.0.16:143
iptables -t nat -A PREROUTING -i eth1 -p udp --dport 143 -j DNAT --to 
192.168.0.16:143
#2.- redirecciona los dccs a mi pc
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 4502:4510 -j 
DNAT --to 192.168.0.13:4502-4510
#3.- puertos para el msn (para enviar)
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 6891:6899 -j 
DNAT --to 192.168.0.13:6891-6899
#4.- puertos para el emule

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 5800 -j DNAT --to 
192.168.0.165:5800
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 1433 -j DNAT --to 
192.168.0.165:1433
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 4500 -j DNAT --to 
192.168.0.13:4500
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 5900 -j DNAT --to 
192.168.0.165:5900
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 6900 -j DNAT --to 
192.168.0.166:6900
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 2593 -j DNAT --to 
192.168.0.165:2593
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 4501 -j DNAT --to 
192.168.0.166:4501
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 4000 -j DNAT --to 
192.168.0.166:4000
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 7000 -j DNAT --to 
192.168.0.166:7000
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 6901 -j DNAT --to 
192.168.0.113:6901

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 4661 -j DNAT --to 
192.168.0.13:4661
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 4662 -j DNAT --to 
192.168.0.13:4662
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 6699 -j DNAT --to 
192.168.0.13:6699
iptables -t nat -A PREROUTING -i eth1 -p udp --dport 7751 -j DNAT --to 
192.168.0.13:7751
iptables -t nat -A PREROUTING -i eth1 -p udp --dport 6257 -j DNAT --to 
192.168.0.13:6257

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 4668 -j DNAT --to 
192.168.0.62:4668
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 7373 -j DNAT --to 
192.168.0.8:7373
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 7372 -j DNAT --to 
192.168.0.8:7372
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 20 -j DNAT --to 
192.168.0.8:20
iptables -t nat -A PREROUTING -i eth1 -p udp --dport 7373 -j DNAT --to 
192.168.0.8:7373

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 4666 -j DNAT --to 
192.168.0.8:4666
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 4669 -j DNAT --to 
192.168.0.61:4669

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 22 -j DNAT --to 
192.168.0.16:22
iptables -t nat -A PREROUTING -i eth1 -p udp --dport 27960 -j DNAT --
to 192.168.0.13:27960
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 27960 -j DNAT --
to 192.168.0.13:27960
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 2037 -j DNAT --to 
192.168.0.13:2037
iptables -t nat -A PREROUTING -i eth1 -p udp --dport 2037 -j DNAT --to 
192.168.0.13:2037
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 6969 -j DNAT --to 
192.168.0.2:6969

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/