Rules for Firewall
Hi, I tried to build a Linux firewall using CentOS 5.4, but not successfully.
RangeIP Public <--->Firewall<--->HTTP Server
1. The firewall server has 2 NICs:
NIC 01 has 2 public IPs: 126.96.36.199&2
NIC 02 has 1 internal IP: 10.0.0.1
2. The HTTP server has 1 NIC:
NIC 1: 10.0.0.2
I want to configure it so that everybody on the internet can access the web server (10.0.0.2) through the firewall server.
Using iptables, I tried to write the rules below on the firewall server:
#iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 80 -d <IP PUBLIC> -j DNAT --to-destination 10.0.0.2:80
#iptables -t nat -A POSTROUTING -p tcp -s 10.0.0.2 -j SNAT --to-source <IP PUBLIC>
But it was not successful. Please help me!
Here is a tutorial for iptables.
Look at DNAT and SNAT.
Also ensure IP forwarding is turned on. It is off by default.
I turned on ip_forward, but I can't access the website from the public IP :(
Looking at your code, you don't tell the SNAT rule to only do this on the outbound interface, thus it is applied to all traffic after it is routed.
Try the following:
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 80 -j DNAT --to-destination 10.0.0.2:80
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE