- 10-14-2004 #1
IPTables Port forwarding question - special case
I am new to linux/iptables so I used this script generator to create a basic firewall script.
This is working ok, but I would also like to do some forwarding, and I can't find any examples that fit my setup.
I get my Internet connection via a broadband router that I cannot configure myself. From my ISP, it is configured to forward all ports to ip 192.168.0.30. This means that if I configure my Linux box with this IP-address, it gets all incoming traffic. So far, so good. I have also connected another computer (WinXP) on this subnet with ip-address 192.168.0.2. On this I have an ftp-server (which I plan to move, but haven't yet) and also use some P2P software (BitTorrent). For this purpose, I would like to forward some ports to this machine.
Can someone please help me with the correct iptables commands for this?
I have tried the following to forward http to my XP box (it also has IIS) but it doesn't work.
$IPT -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.0.2:80
$IPT -A FORWARD -p tcp -d 192.168.0.2 --dport 80 -j ACCEPT
- 10-15-2004 #2
Can you diagram your network topology a little better? Where is the winXP machine situated (not where does it physically sit...where is it logically in the network )? Does your Linux box have 2 NICs?
"Time is an illusion. Lunchtime, doubly so."
~Douglas Adams, The Hitchhiker's Guide to the Galaxy
- 10-15-2004 #3
Both computers are connected to the broadband router which has 4 ports. The router has a DHCP server which gives out addresses in the 192.168.0.0-255 range. It has internal address 192.168.0.1 itself. My external address is dynamic, but changes very rarely. I have set up my Linux box with static ip 192.168.0.30 to receive all incoming traffic (which is being forwarded and NAT'ed by the router to this address). My XP box is set up with static ip 192.168.0.2.
The Linux box only has one NIC.
I hope this was clarifying, and appreciate all help
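In the topology described in this thread (one NIC, both machines on 192.168.0.0/24 behind the router), DNAT alone leaves the XP box answering the router directly, so the router sees replies from 192.168.0.2 for a connection it mapped to 192.168.0.30 and the connection never completes. The following is an added example, not part of the original thread: it assumes eth0 and the addresses quoted above, uses hypothetical helper names (gen_base_rules, gen_forward_rules), and only prints the rules for review instead of applying them.

```shell
#!/bin/sh
# Added example (not from the thread). Prints, but does not apply, rules for
# forwarding ports through a single-NIC Linux box to a host on the same subnet.
IPT="${IPT:-iptables}"
IFACE="${IFACE:-eth0}"             # the only NIC, as stated in the thread
FW_IP="${FW_IP:-192.168.0.30}"     # Linux box: the router sends everything here

# Rules needed once, regardless of how many ports are forwarded.
gen_base_rules() {
    # The kernel must be allowed to route packets it did not originate.
    echo "sysctl -w net.ipv4.ip_forward=1"
    # Replies of already-tracked connections may pass back through FORWARD.
    echo "$IPT -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
}

# gen_forward_rules PROTO TARGET_IP PORT [PORT...]  (PORT may be a lo:hi range)
gen_forward_rules() {
    proto=$1; target=$2; shift 2
    case "$proto" in
        tcp|udp) ;;
        *) echo "bad protocol: $proto" >&2; return 1 ;;
    esac
    for port in "$@"; do
        # Accept only digits or a single lo:hi pair, so nothing else can end
        # up inside a command line that is later run as root.
        case "$port" in
            ''|*[!0-9:]*|:*|*:|*:*:*) echo "bad port: $port" >&2; return 1 ;;
        esac
        # 1. Rewrite the destination of traffic the router handed to this box.
        echo "$IPT -t nat -A PREROUTING -i $IFACE -p $proto -d $FW_IP --dport $port -j DNAT --to-destination $target"
        # 2. Rewrite the source as well, so the target replies to this box and
        #    not straight to the router. Trade-off: the target's logs show
        #    $FW_IP as the client address for every forwarded connection.
        echo "$IPT -t nat -A POSTROUTING -o $IFACE -p $proto -d $target --dport $port -j SNAT --to-source $FW_IP"
        # 3. Allow only new connections to this target and port to be forwarded.
        echo "$IPT -A FORWARD -i $IFACE -o $IFACE -p $proto -d $target --dport $port -m state --state NEW -j ACCEPT"
    done
}

# Rule set for the HTTP forward attempted in the first post.
gen_base_rules
gen_forward_rules tcp 192.168.0.2 80
```

Only the ports passed to gen_forward_rules become reachable on the XP box, which keeps the exposure of that machine limited to what was explicitly chosen.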