[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

DNAT: forwarding all ports to a host

One requirement for a firewall setup I am working on is the ability to forward 
all (remaining) ports to a specific host on the network.  Note that I am hoping 
to avoid using this but it is required as an option.

The server/router runs some services.  There is a chain of RETURNs for those 
services.  Packets with the remaining destination ports fall through to the 
actual DNAT target:
# iptables -t nat -A PREROUTING -i eth0 -j DNAT --to-destination

But what affect does this have on ESTABLISHED,RELATED connections?  Does this 
interfere with, say, a reply from google.com:80 to network host

Links etcetera welcome.


Attachment: signature.asc
Description: Digital signature

Reply to: