[NTLUG:Discuss] Firewall Forwarding Question
Kenneth Loafman
ken at lt.com
Fri Feb 21 09:57:05 CST 2003
David wrote:
> What's been missing in all this is that with iptables, "forward" is
> the wrong table to put this sort of thing in. What's really needed
> here is the iptables "DNAT" option, which is only valid in the "nat"
> table.
>
> Here's the commands I'd suggest:
>
> iptables -t nat -A PREROUTING -p udp -s {host-A} --dport 540 \
> -j DNAT --to-destination {host-C}:540
>
> iptables -t nat -A PREROUTING -p udp -s {host-B} --dport 540 \
> -j DNAT --to-destination {host-C}:540
>
> You'll need to have the ip_conntrack and ip_nat modules in your
> kernel.
>
Thanks, will check it out.
...Ken
More information about the Discuss
mailing list