[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: iptables?

To: silug-discuss@silug.org
Subject: Re: iptables?
From: Tony Zafiropoulos <tonyz@ctitek.com>
Date: Thu, 22 Aug 2002 16:39:49 -0500 (CDT)
In-Reply-To: <000501c24a20$b4ec5030$0200a8c0@reflex>
Organization: Southern Illinois Linux Users Group
Reply-To: silug-discuss@silug.org
Sender: silug-discuss-owner@silug.org



Eric,

If you need specific iptables help right away, I would contact
Steve@silug.org.... He has developed his own scripts which I cannot
understand :).

I have copied some of these scripts:

http://www.linuxguruz.org/iptables/

On MonMotha's script:
http://monmotha.mplug.org/firewall/firewall/2.3/rc.firewall-2.3.8-pre7

you set the forwarding in this variable:
TCP_FW=""					# TCP port forwards, form is
"SPORT:DPORT>DESTIP<LOCIP" <LOCIP may be omitted



which leads to  (sorry for the wrapping, but you can see the whole thing
on the website):

#TCP Port-Forwards
if [ "$TCP_FW" != "" ] ; then
	echo -n "TCP Port Forwards: "
	for rule in ${TCP_FW} ; do
		echo "$rule" | {
			IFS=':><' read srcport destport host shost
				echo "$srcport" | {
					IFS='-' read fsp lsp
					if [ "$shost" = "" ] ; then
						if [ "$lsp" != "" ] ; then
							echo "$destport" |
{
								IFS='-'
read fdp ldp

${IPTABLES} -t nat -A PREROUTING -i ${INET_IFACE} -p tcp --dport
${fsp}:${lsp} -j DNAT --to-destination ${host}:${destport}
							}
						else
							${IPTABLES} -t nat
-A PREROUTING -i ${INET_IFACE} -p tcp --dport ${srcport} -j DNAT
--to-destination ${host}:${destport}
						fi
					else
						if [ "$lsp" != "" ] ; then
							echo "$destport" |
{
								IFS='-'
read fdp ldp

${IPTABLES} -t nat -A PREROUTING -p tcp -d ${shost} --dport ${fsp}:${lsp}
-j DNAT --to-destination ${host}:${destport}
							}
						else
							${IPTABLES} -t nat
-A PREROUTING -p tcp -d ${shost} --dport ${srcport} -j DNAT
--to-destination ${host}:${destport}
						fi
					fi
					echo -n "${rule} "
				}
		}
	done
	echo
fi





On Thu, 22 Aug 2002, Eric Peterson wrote:

> Is anyone proficient with iptables?
> I've been trying to get port-forwarding to work with it for the past few
> months, but haven't had much luck.
> 
> If anyone could give me a command that forwarded port 80 to 192.168.0.2,
> that'd be great...
> And if there's more that you need from the command, I'll post it.
> 
> 
> -
> To unsubscribe, send email to majordomo@silug.org with
> "unsubscribe silug-discuss" in the body.
> 

-- 
Tony Zafiropoulos
FixMyVirus.com
Cel: 314-504-3974
tonyz@fixmyvirus.com
Best way to reduce your virus exposure?
Run Linux - Replace Windows one system at a time.


-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.

References:
- iptables?
  - From: "Eric Peterson" <FreeZeR147@charter.net>

Prev by Date: iptables?
Next by Date: php reuse question
Prev by thread: iptables?
Next by thread: Re: Installing on Proliant
Index(es):
- Date
- Thread