
Re: port forwarding



On Mon, Jun 03, 2002 at 12:23:58PM -0700, Vineet Kumar wrote:
| * Paul Johnson (baloo@ursine.dyndns.org) [020603 08:34]:
| > iptables just confuses me at times.
| > 
| > I'm trying to figure out how to forward all packets hitting this machine
| > on one port to a port on another machine inside my network.  I'm kinda
| > stumped.
| 
| $IPTABLES -t nat -A PREROUTING -i $EXT_IF -p tcp --dport $PORT \
| 	-j DNAT --to-destination $OTHER_IP
| 
| Should do it. The reason I give $EXT_IF up there is I'm assuming that
| the machine doing the DNAT is a gateway of some sort.
| 
| If you're trying to get it working for machines within your network, it
| won't work:

Actually, it will if you do SNAT as well.  That makes the replies go
through the NAT system as well as the requests (which must already be
going through the gateway for the DNAT to happen).  An example of
doing this is in the netfilter HOWTO.

HTH,
-D

-- 

Only two things are infinite, the universe and human stupidity, and I'm
not sure about the former.
        Albert Einstein
 
GnuPG key : http://dman.ddts.net/~dman/public_key.gpg
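
The DNAT-plus-SNAT arrangement described in the reply above, as an added example that is not part of the original thread or copied from the netfilter HOWTO. `EXT_IP`, `LAN_NET` and `GW_LAN_IP` are assumed names, and the addresses in the sample call are constructed.

```shell
#!/bin/sh
# Added example: prints the rules instead of applying them, so it runs
# without root. IPTABLES, EXT_IF, OTHER_IP and PORT are the thread's names;
# EXT_IP, LAN_NET and GW_LAN_IP are assumed names for this sketch.

hairpin_rules() {
    ext_if=$1 ext_ip=$2 lan_net=$3 gw_lan_ip=$4 other_ip=$5 port=$6
    ipt=${IPTABLES:-iptables}

    # Accept only a decimal TCP port in 1..65535.
    case $port in
        ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "invalid port: $port" >&2
        return 1
    fi

    # 1. Outside clients: the rule quoted in the thread.
    echo "$ipt -t nat -A PREROUTING -i $ext_if -p tcp --dport $port" \
         "-j DNAT --to-destination $other_ip"

    # 2. Inside clients that address the gateway's external IP.
    echo "$ipt -t nat -A PREROUTING -s $lan_net -d $ext_ip -p tcp --dport $port" \
         "-j DNAT --to-destination $other_ip"

    # 3. SNAT those inside connections to the gateway's LAN address so the
    #    server replies via the gateway instead of directly to the client.
    echo "$ipt -t nat -A POSTROUTING -s $lan_net -d $other_ip -p tcp --dport $port" \
         "-j SNAT --to-source $gw_lan_ip"
}

# Constructed sample values (documentation and RFC 1918 addresses).
hairpin_rules eth0 203.0.113.10 192.168.1.0/24 192.168.1.250 192.168.1.1 80
```

With rule 3 in place the internal server sees the gateway's LAN address as the source of every inside connection, so its access logs no longer show which LAN client connected.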
