Marco Hainaut wrote:
> Hello,
>
> I'm a newbie with iptables and firewalling and my question is:
>
> What can I do to authorise access to a workstation in a local network
> with pcanywhere from the outside through my "routing-firewalling" Red Hat
> 8 box newly installed from scratch?
>
> eth0 = external if ( 212.145.X.X )
> eth1 = local if (192.168.0.2)
> used ports : 5631 (tcp) & 5632 (udp)
>
> Is there somebody who can help me write the correct script to make it
> work?
>
> regards,
>
> Marco Hainaut
>
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>

Marco,

suppose the IP address of your PC/Anywhere workstation is $PCANY. Then you need at least the following rules:

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5631 -j DNAT --to-destination $PCANY
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 5632 -j DNAT --to-destination $PCANY

iptables -t filter -A FORWARD -i eth0 -o eth1 -p tcp -m state --dport 5631 --syn --state NEW -j ACCEPT
iptables -t filter -A FORWARD -i eth0 -o eth1 -p udp --dport 5632 -j ACCEPT
iptables -t filter -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

# If you need to nat all outgoing traffic...
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/24 -j MASQUERADE

Regards,
Stephane.
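
The reply pairs every DNAT rule in nat/PREROUTING with an ACCEPT rule in filter/FORWARD for the same protocol and port. The following is an added example, not part of the original thread, that checks that pairing in `iptables-save` output. The function names and the address 192.168.0.10 (standing in for $PCANY) are assumptions, and the sample ruleset is constructed with the udp FORWARD rule left out so the check has something to report.

```shell
#!/bin/sh
# Added example. Reads iptables-save text on stdin; for each DNAT rule in
# nat/PREROUTING, reports whether filter/FORWARD has an ACCEPT rule with the
# same protocol and --dport. Single ports only (no multiport or ranges), and
# it assumes the FORWARD policy is DROP, so a missing rule means blocked.
check_dnat_forward() {
    awk '
    # Value following option "opt" on the current rule line, or "".
    function optval(opt,    i) {
        for (i = 1; i < NF; i++) if ($i == opt) return $(i + 1)
        return ""
    }
    /^\*/      { table = substr($1, 2); next }   # "*nat", "*filter"
    $1 != "-A" { next }                          # skip policies and COMMIT
    { key = optval("-p") "/" optval("--dport"); target = optval("-j") }
    table == "nat" && $2 == "PREROUTING" && target == "DNAT" {
        order[++n] = key; dest[key] = optval("--to-destination")
    }
    table == "filter" && $2 == "FORWARD" && target == "ACCEPT" { ok[key] = 1 }
    END {
        for (i = 1; i <= n; i++) {
            k = order[i]
            state = "OK"
            if (!(k in ok)) { state = "MISSING"; bad = 1 }
            printf "%-7s %s -> %s\n", state, k, dest[k]
        }
        exit bad + 0                             # 1 if any DNAT is uncovered
    }'
}

# Constructed iptables-save output; 192.168.0.10 stands in for $PCANY.
# The FORWARD rule for udp/5632 is deliberately left out.
sample_ruleset() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 5631 -j DNAT --to-destination 192.168.0.10
-A PREROUTING -i eth0 -p udp -m udp --dport 5632 -j DNAT --to-destination 192.168.0.10
-A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -i eth0 -o eth1 -p tcp -m state --state NEW -m tcp --dport 5631 --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}
```

On the firewall itself, `iptables-save | check_dnat_forward` runs the same check against the live ruleset (reading it requires root).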