> > Port 80 : webserver ?
> > Port 8080 : web-proxy ?
> > Don't need 8080 if iptables on B can do:
> > client(tcp/80)--> boxB--> boxA--> boxB--> client

Sure.

> I'd try :
> iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
> iptables -A FORWARD -d 1.2.3.4 -p tcp --dport 80 -j ACCEPT
> iptables -t nat -A PREROUTING -d 10.5.6.7 -p tcp --dport 8080 -j DNAT --to-destination 1.2.3.4:80

Change 8080 into 80.

> A & B have one interface each, on different subnets routed to each other.

Well, if A can see B (and vice-versa) there should be no problem I think.

Rob