If it works, make sure the changes persist across reboots: cat /etc/sysctl.d/nf ![]() ![]() To rewrite the source IP of the packet to the IP of the gateway (and back in the reply packet): iptables -A POSTROUTING -t nat -p tcp -d 192.168.1.200 -dport 8080 -j MASQUERADEģ) If you don't have a default ACCEPT firewall rule, allow traffic to the destination: iptables -A FORWARD -p tcp -d 192.168.1.200 -dport 8080 -m state -state NEW,ESTABLISHED,RELATED -j ACCEPTĤ) Test the new setup. To rewrite the destination IP of the packet (and back in the reply packet): iptables -A PREROUTING -t nat -p tcp -i ppp0 -dport 8001 -j DNAT -to-destination 192.168.1.200:8080 The accepted solution works when the destination host and the gateway are on the same subnet (like is in your case, both are on eth0 192.168.1.0/24).īelow is a generic solution for when the gateway, source and destination are all on different subnets.ġ) Enable IP forwarding: sysctl 0.forwarding=1Ģ) Add 2 iptables rules to forward a specific TCP port:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |