IP Forwading from Local IP to Live IP

Taylor Grant gtaylor at riverviewtech.net
Tue Apr 19 09:44:58 CEST 2005


> Hi guys, Im new to iptables.. hope someone can help me to this.
> 
> The situation is this, I have a webserver running on a local network machine
> (192.168.1.3) & I want it to be accessible outside my network. Is it
> possible?
> 
> setup is like this:
> 
> workstation (192.168.1.3) ---> HUB ---> server ( LIVE IP, accessible
> everywhere on the net )
> 
> when user access the live IP ex. 10.0.0.3 can he forward to get the files on
> the worstation?

I think you are talking about simple port forwarding.  To accomplish this you would want to run such a set up on server / router / firewall.

iptables -t nat -A PREROUTING -i $INet_Interface -d 10.0.0.3 -p tcp --dport $Port_of_Service -j DNAT --to-destination 192.168.1.3:$Port_of_Service
iptables -t nat -A PREROUTING -i $INet_Interface -d 10.0.0.3 -p udp --dport $Port_of_Service -j DNAT --to-destination 192.168.1.3:$Port_of_Service
iptables -t nat -A POSTROUTING -o $LAN_Interface -d 192.168.1.3 -p tcp --dport $Port_of_Service -j SNAT --to-source $Internal_IP_of_Server
iptables -t nat -A POSTROUTING -o $LAN_Interface -d 192.168.1.3 -p udp --dport $Port_of_Service -j SNAT --to-source $Internal_IP_of_Server

This will take any TCP or UDP traffic that is coming in to the server to port $Port_of_Service and (port) forward it to 192.168.1.3 where the traffic will be handled as if it were originally destined to the internal system.



Grant. . . .



More information about the netfilter mailing list