[TCLUG] Iptables

Fri Apr 2 10:37:05 CST 2004

Bryan Zimmer wrote:

>I am insterested in this subject too. I am trying to do NAT with internet
>servers (DNS, Mail, Httpd & Tomcat) behind a firewall. I haven't had any
>success trying this on my own.
>
>  
>
if I understand your setup correctly ( becouse i have one like this 
myself) its one otside IP and you want to have multi servers behindthe 
NAT siting on private IPs? the line you are looking for is

eth0 - you outside
1.1.1.1 - real ip
10.1.1.1 - http IP
10.1.1.2 - SMTP IP
.....

iptables -t nat -I PREROUTING -i eth0 -d 1.1.1.1 -p tcp -m tcp -dport 80 
-j DNAT --to-destination 10.1.1.1
iptables -t nat -I PREROUTING -i eth0 -d 1.1.1.1 -p tcp -m tcp -dport 25 
-j DNAT --to-destination 10.1.1.2

and so on for other ports if your internal servers sit on different 
ports then standard you can specify port after an IP with a " : "  like 
this:

iptables -t nat -I PREROUTING -i eth0 -d 1.1.1.1 -p tcp -m tcp -dport 80 
-j DNAT --to-destination 10.1.1.1:8080

>Bryan Zimmer
>
>----- Original Message ----- 
>From: "Jim Streit" <jimstreit at northlans.com>
>To: <tclug-list at mn-linux.org>
>Sent: Thursday, April 01, 2004 4:42 PM
>Subject: [TCLUG] Iptables
>
>
>  
>
>>Anyone here really know iptables inside and out?  I'm looking to setup a
>>firewall with access control list types of features.  I don't want to do
>>NAT, just forward and filter between multiple interfaces.
>>
>>I can trade you lunch or something for your time.
>>
>>Thanks
>>Jim Streit
>>
>>
>>
>>_______________________________________________
>>TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
>>http://www.mn-linux.org tclug-list at mn-linux.org
>>https://mailman.real-time.com/mailman/listinfo/tclug-list
>>
>>    
>>
>
>
>
>_______________________________________________
>TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
>http://www.mn-linux.org tclug-list at mn-linux.org
>https://mailman.real-time.com/mailman/listinfo/tclug-list
>
>  
>

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list