The Daily Static
  The Daily Static
UF Archives
Register
UF Membership
Ad Free Site
Postcards
Community
Geekfinder
UFie Gear
Advertise on UF
Forum Rules
& FAQ

Username

Password


Create a New Account

  
 

Back to UserFriendly Strip Comments Index
Linux/ipchains question by Freakazoid2002-09-26 01:37:14
  ipchains/netfilter by Vogon 2006-11-19 12:55:59
Sure there is: clicky
So you want to do incoming, ie. destination NAT? you could give it a quick try with this:

iptables -t nat -A PREROUTING -i $EXT_IF -p tcp --dport 80 -j DNAT --to 192.168.1.x

assuming that you'd do it for a webserver. Important is that you do the NAT on the external interface and in the prerouting chain. And you'd still need a filter rule allowing the connection in the firewall rulebase, using the internal ip address, because NAT rewriting happens before the filtering part.
At least that's how I remember it.
Hope this helps
[ Reply ]
    Pissible to do port ranges? by Freakazoid2002-09-26 03:49:15
      This brings us to the invention of iptables. by caffine-iv2002-09-26 04:08:16
        Actually, there is. by Avium2002-09-26 06:24:42
      I *think* so by Vogon2002-09-26 10:42:48

 

[Todays Cartoon Discussion] [News Index]

Come get yer ARS (Account Registration System) Source Code here!
All images, characters, content and text are copyrighted and trademarks of J.D. Frazer except where other ownership applies. Don't do bad things, we have lawyers.
UserFriendly.Org and its operators are not liable for comments or content posted by its visitors, and will cheerfully assist the lawful authorities in hunting down script-kiddies, spammers and other net scum. And if you're really bad, we'll call your mom. (We're not kidding, we've done it before.)