Linux Help
guides forums blogs
Home Desktops Distributions ISO Images Logos Newbies Reviews Software Support & Resources Linuxhelp Wiki

Welcome Guest ( Log In | Register )



Advanced DNS Management
New ZoneEdit. New Managment.

FREE DNS Is Back

Sign Up Now
 
Reply to this topicStart new topic
> Sort Of Router With Iptables
slaperke
post May 12 2004, 08:05 AM
Post #1


Whats this Lie-nix Thing?
*

Group: Members
Posts: 1
Joined: 12-May 04
Member No.: 2,933



Hey, i've got a little problem,
I want set up my linuxpc with iptables so that he redirect the packets which he gets (http,ftp) from a webserver(serverA) to a ftp and an httpserver(server B and C). but with the information i get i can't do it very well. can anyone help me?

Slaperke
Go to the top of the page
 
+Quote Post
Termina
post May 12 2004, 10:16 AM
Post #2


RMS is my Hero
******

Group: Support Specialist
Posts: 862
Joined: 18-February 04
From: Wisconsin
Member No.: 2,404



QUOTE
#Your iptables path
IPT="/sbin/iptables"

#Assuming your connection comes to your main computer to your NIC card
INT="eth0"

#Clears out existing rules
$IPT -F
$IPT -F FORWARD
$IPT -X

#Sets up policies
$IPT -P FORWARD ACCEPT

#If you have a static IP, keep the following 2 lines the same
#If you have a semi-static IP, or use DHCP, comment the first line and uncomment the 2nd line
$IPT -t nat -A POSTROUTING -o $INT -j SNAT --to 216.138.195.197
#$IPT -t nat -A POSTROUTING -o $INT -j MASQUERADE

#Protects forwarding rule
$IPT -A FORWARD -i $INT -m state --state NEW,INVALID -j DROP

#Forwarding certain specific ports to other machines.
$IPT -t nat -A PREROUTING -i $INT -p tcp --dport 25 -j DNAT --to 10.1.1.51:25
$IPT -t nat -A PREROUTING -i $INT -p tcp --dport 53 -j DNAT --to 10.1.1.51:53
$IPT -t nat -A PREROUTING -i $INT -p udp --dport 53 -j DNAT --to 10.1.1.51:53

#Forwarding range of ports to another machine
$IPT -t nat -A PREROUTING -i $INT -p tcp --dport 2300:2400 -j DNAT --to 10.1.1.50
$IPT -t nat -A PREROUTING -i $INT -p udp --dport 2300:2400 -j DNAT --to 10.1.1.50

#Accepts connections from local machines (replace with your computers IP addys)
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A INPUT -s 10.1.1.50 -d 0/0 -p all -j ACCEPT
$IPT -A INPUT -s 10.1.1.51 -d 0/0 -p all -j ACCEPT
$IPT -A INPUT -s 10.1.1.52 -d 0/0 -p all -j ACCEPT


<.<

Hope that works. biggrin.gif


--------------------
*Points finger at the author above him* They're a witch! Burn them!
---
Vist my website!
Join me in IRC! Server: st0rage.org Channel: #UnhandledExceptions
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 14th December 2017 - 02:05 PM