First some explanation, I'm trying to proxy traffic from a linux box behind a very restrictive firewall, the only way to get my traffic through it is on port 9000; A friend with a static ip has agreed to allow me to proxy my traffic through his box, but he is rightly concerned about the security of such a simple proxy. As you can see, or infer, I've set the rules so that only connections comming from my firewalled box are translated and only new, established and related connections are allowed, but being the noob I am at this I'm not sure if I need anything else. Another translation to recieve and proxy connections to my firewalled box? Are there more restrictive rules I can set so my friend doesnt have to worry? Is there a more ellegant solution that I just don't have the time to persue? Do I need a routing command on my Linux box? I just need some help, since I don't have the time at the moment to persue this as fully as I would like to. Any help would be most appreciated. $IPTABLES -t nat -A PREROUTING -s (my ip address) --dport 9000 -j DNAT --to-destination (your IP here):81 $IPTABLES -A FORWARD -i (input interface) --dport 81 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
