From: Taylor Grant <gtaylor@riverviewtech.net>
To: elg3ne <sun@dap.edu.ph>
Cc: netfilter@lists.netfilter.org
Subject: Re: IP Forwading from Local IP to Live IP
Date: Tue, 19 Apr 2005 02:44:58 -0500 [thread overview]
Message-ID: <4264B6FA.6080102@riverviewtech.net> (raw)
In-Reply-To: <002a01c544b5$2222c300$0b01a8c0@dap.edu.ph>
> Hi guys, Im new to iptables.. hope someone can help me to this.
>
> The situation is this, I have a webserver running on a local network machine
> (192.168.1.3) & I want it to be accessible outside my network. Is it
> possible?
>
> setup is like this:
>
> workstation (192.168.1.3) ---> HUB ---> server ( LIVE IP, accessible
> everywhere on the net )
>
> when user access the live IP ex. 10.0.0.3 can he forward to get the files on
> the worstation?
I think you are talking about simple port forwarding. To accomplish this you would want to run such a set up on server / router / firewall.
iptables -t nat -A PREROUTING -i $INet_Interface -d 10.0.0.3 -p tcp --dport $Port_of_Service -j DNAT --to-destination 192.168.1.3:$Port_of_Service
iptables -t nat -A PREROUTING -i $INet_Interface -d 10.0.0.3 -p udp --dport $Port_of_Service -j DNAT --to-destination 192.168.1.3:$Port_of_Service
iptables -t nat -A POSTROUTING -o $LAN_Interface -d 192.168.1.3 -p tcp --dport $Port_of_Service -j SNAT --to-source $Internal_IP_of_Server
iptables -t nat -A POSTROUTING -o $LAN_Interface -d 192.168.1.3 -p udp --dport $Port_of_Service -j SNAT --to-source $Internal_IP_of_Server
This will take any TCP or UDP traffic that is coming in to the server to port $Port_of_Service and (port) forward it to 192.168.1.3 where the traffic will be handled as if it were originally destined to the internal system.
Grant. . . .
next prev parent reply other threads:[~2005-04-19 7:44 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-03-15 15:51 Logging Mario Udina
2004-03-15 16:07 ` Logging Frederic de Villamil
2004-03-15 16:08 ` Logging Antony Stone
2005-04-19 7:55 ` IP Forwading from Local IP to Live IP elg3ne
2005-04-19 7:44 ` Taylor Grant [this message]
2005-04-19 8:41 ` elg3ne
2005-04-19 19:12 ` Taylor, Grant
2005-04-19 11:42 ` Jason Opperisano
2004-03-15 16:25 ` Logging Frank Gruellich
2004-03-15 16:36 ` Logging forum
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4264B6FA.6080102@riverviewtech.net \
--to=gtaylor@riverviewtech.net \
--cc=netfilter@lists.netfilter.org \
--cc=sun@dap.edu.ph \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox