DNAT:
Is it possible to have a SINGLE (DNAT?) rule that will let me do 1:1 port-forwarding over a range of ports while doing Destination NAT?

e.g. Any incoming connections to 64.1.0.20:100-101 need to be mapped to 172.16.0.100:200-201 for the TCP protocol, such that a connection to port 101 will ALWAYS map to port 201 and a connection to port 100 will ALWAYS map to port 200.

Under the current DNAT port range scenario, the connection goes to the lowest port that is free, e.g. a port 101 connection will be DNAT'ed to port 200 if port 200 is free.

The reason for wanting a 1:1 rule is for X windows and other fat port ranges. Don't want hundreds of rules in there if one can do the job. Can IPTables do it? If so, how?

If not, I guess I'll have to get in touch with the developers for tips on a good starting point.

Thanks in advance,
Ranjeet Shetye