Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: iptable port forwarding between two lan interface
Operating Systems Linux Red Hat iptable port forwarding between two lan interface Post 302642995 by chuikingman on Friday 18th of May 2012 09:32:30 AM
Old 05-18-2012
iptable port forwarding between two lan interface
Hi,
How can I config iptables to allow port forwarding from one WAN interface to second lan interface .
In my system I have one wan interface 61.93.204.56 (eth0),and lan interface 10.2.1.52(eth1)
I want to make port forward port no 22 from 61.93.204.56 to
port 22 , 10.2.1.52 , tcp and udp
I try below command but all are not work
Code:
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 22 -j DNAT --to-destination 10.2.1.52:22
iptables -A FORWARD -p tcp -d 10.2.1.52 --dport 22 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A PREROUTING -p udp -i eth0 --dport 22 -j DNAT --to-destination 10.2.1.52:22
iptables -A FORWARD -p udp -d 10.2.1.52 --dport 22 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

Code:
iptables -A PREROUTING  -p tcp -m tcp -d 61.93.204.56 --dport 22 -j DNAT --to-destination 10.2.1.52:22
iptables -A FORWARD -m state -p tcp -d 10.2.1.52 --dport 22 --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A POSTROUTING -p tcp -m tcp -s 10.2.1.52 --sport 22 -j SNAT --to-source 61.93.204.56

Code:
iptables -A PREROUTING -t nat -i eth0 -p udp --dport 22 -j DNAT --to 10.2.1.52:22
iptables -A INPUT -p udp -m state --state NEW --dport 22 -i eth0 -j ACCEPT
iptables -A FORWARD -p tcp -m state --state NEW -d 10.2.1.52 --dport 22 -j ACCEPT

Code:
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 22 -j DNAT --to 10.2.1.52:2
iptables -A FORWARD -p tcp -i eth0 -o eth2 -d 10.2.1.52 --dport 22 -j ACCEPT

Please advice how can I make it work .
And how can I open debug for above iptables rule and see what is wrong ???
Please advice ..
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

port forwarding

Hi, I have to install an application that has a built in tftp server. Tftp comes in on port 69. As i am not installing this application as a root user i am running into trouble because only the root user can listen to ports < 1024. So changing the port i listen to to one greater than 1023 isn't... (1 Reply)
Discussion started by: imloaded24_7
1 Replies

2. Solaris

How to force the LAN interface running on 10M

Hi all, I would like to force the LAN card to use 10MB instead of 100MB in UNIX enviroment, please help. thanks! :) (3 Replies)
Discussion started by: Felixkoo
3 Replies

3. UNIX for Advanced & Expert Users

Port forwarding

Hi I want to set up port forwarding from one network to another network. I already have this configured on the Linux box using iptables. iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 1521 -j DNAT --to 10.218.146.230 iptables -A FORWARD -p tcp -i eth1 -d 10.218.146.230 -j ACCEPT ... (2 Replies)
Discussion started by: slash_blog
2 Replies

4. Solaris

ip and port forwarding in Solaris 10

Hi; I have the following issue: I have a Solaris server running an old applications which connects to an http server in other server at certain port. The thing is that the http server has changed its ip and port and the addres in the app is hard coded and touching the app by now is out of the... (0 Replies)
Discussion started by: ppereira
0 Replies

5. IP Networking

SSH Port Forwarding - sharing the same port

Hi Linux/Unix Guru, I am setting Linux Hopping Station to another different servers. My current config to connect to another servers is using different port to connect. e.g ssh -D 1080 -p 22 username@server1.com ssh -D 1081 -p 22 username@server2.com Now what I would like to have... (3 Replies)
Discussion started by: regmaster
3 Replies

6. Red Hat

blue screen to config lan interface

I use red hat linx ES 4 ,5 , how can I start up attached screen to config the lan interface in command mode ??? Please advice in detailed ?? (1 Reply)
Discussion started by: chuikingman
1 Replies

7. UNIX for Advanced & Expert Users

Iptable and port forwarding

Hello, I have a routeur linksys (192.168.1.1 ) a firewall (192.168.1.55 IN ----> 192.168.2.254 OUT) which using iptable I want to acces to an equipment (lorex video camera serveur 192.168.2.44) which using an ddns service on the port 9000 So i don t know which redirection a will do on the... (2 Replies)
Discussion started by: tapharule
2 Replies

8. UNIX for Advanced & Expert Users

Help on port forwarding please..

Hi experts, We have windows machine ( A ) in one network & 2 Linux Servers ( B & C ) in another network. There is a firewall between these 2 networks and SSH (TCP/22) & HTTPS (TCP/443) are allowed from A to B only (but not to C). There is no personal firewall / iptables running on any machine.... (1 Reply)
Discussion started by: magnus29
1 Replies

9. IP Networking

Port Forwarding not working

Hello Gurus, I have configured port forwarding at router. But after configuration I am not able to connect the computer from outside/Over internet/Remote desktp from other computer. Could you please advice? Thanks- Pokhraj (2 Replies)
Discussion started by: pokhraj_d
2 Replies

10. Red Hat

iptables port forwarding

Hello All, I would like to ask you very kindly with /etc/sysconfig/iptables file I have to setup port forwarding on RHEL6 router. Users from public network must be able to ssh to servers in private network behind RHEL6 router. Problem is that servers in private network must be isolated. My... (2 Replies)
Discussion started by: oidipus
2 Replies

LEARN ABOUT NETBSD

route.conf

ROUTE.CONF(5)						      BSD File Formats Manual						     ROUTE.CONF(5)

NAME

     route.conf -- static routes config file

DESCRIPTION

     The route.conf file is read by the staticroute rc.d script during system start-up and shutdown, and is intended for adding and removing
     static routes.

   FILE FORMAT
     Lines starting with a hash ('#') are comments and ignored.  Lines starting with a plus sign ('+') are run during start-up, while lines start-
     ing with a minus sign ('-') are run during system shutdown.  If a line starts with a '!', the rest of the line will get evaluated as a shell
     script fragment.  All other lines are passed to route(8).	During start-up, they are passed behind a ``route add -'' command and during shut-
     down behind a ``route delete -'' command.

FILES

     /etc/route.conf	 The route.conf file resides in /etc.

     /etc/rc.d/staticroute
			 rc.d(8) script that parses route.conf.

EXAMPLES

     In this example, the interface for the desired routing changes is set, the IP address on that interface is determined, and a route is added
     during startup, or deleted during system shutdown.

	   # Set interface and determine current IP address for added route.
	   !ifname=bnx0
	   !ipaddr=$(/sbin/ifconfig ${ifname} | awk '$1 == "inet" {print $2}')
	   net 10.10.1 -interface ${ipaddr}

     In this example, IP forwarding is turned on during start-up, and a static route added for 192.168.2.0.  During system shutdown, the route is
     removed and IP forwarding turned off.

	   # Turn on/off IP forwarding.
	   +sysctl -w net.inet.ip.forwarding=1
	   -sysctl -w net.inet.ip.forwarding=0
	   net 192.168.2.0 -netmask 255.255.255.0 192.168.150.2

SEE ALSO

     rc.conf(5), rc(8), route(8)

BSD
								    May 1, 2012 							       BSD
All times are GMT -4. The time now is 01:56 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy