Since I'm doing this in uClinux, both memory and performance are limited. Your suggestion should work but... one setting might create hundreds of rules.
So, netfilter cannot be configured to use two port ranges with the same range but different starting port number (3100-3500 to 2100-2500)?
On 2004/1/13, at 2:26 PM, Mark E. Donaldson wrote:
I'm sure there are some better solutions available, but this should work:
# $IPT is expected to hold the path to the iptables binary
i=3100
while [ "$i" -le 3500 ]
do
  $IPT -t nat -A PREROUTING -i eth0 -j DNAT -p tcp --dport $i --to-destination 192.168.2.60:$i
  i=`expr $i + 1`
done
-----Original Message-----
From: netfilter-admin@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx] On Behalf Of Max Yin
Sent: Monday, January 12, 2004 4:43 AM
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: Port range forwarding
Hi,
I'm not sure if this question has already been asked before or not, because I
can't find any discussion before.
I want to setup a port forwarding rule that will translate a specified port
range to another port range, for example:
iptables -t nat -A PREROUTING -i eth0 -j DNAT -p tcp --dport 3100:3500 --to-destination \
  192.168.2.60:2100-2500
But I found that all connections from 3100 to 3500 will be mapped to 2100
port only, not 3100 to 2100, 3101 to 2101, etc.
So, how can I make it? Or is it possible?
Thanks Max
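
The one-to-one mapping asked about in this thread (3100 to 2100, 3101 to 2101, and so on), as an added example that is not part of the original messages: a POSIX shell function (the name gen_offset_dnat is hypothetical) that validates the ranges and writes one DNAT rule per port in iptables-restore format, so the whole set can be loaded in a single pass instead of hundreds of separate iptables calls.

```shell
#!/bin/sh
# Added example: emit one DNAT rule per port so that external port
# SRC_START+k is forwarded to DST_START+k on the internal host.
# Output is in iptables-restore format; nothing is applied here.

# gen_offset_dnat IFACE PROTO SRC_START SRC_END DEST_IP DST_START
gen_offset_dnat() {
    iface=$1 proto=$2 src_start=$3 src_end=$4 dest_ip=$5 dst_start=$6

    # Reject non-numeric or out-of-range ports before emitting anything.
    for p in "$src_start" "$src_end" "$dst_start"; do
        case $p in
            ''|*[!0-9]*) echo "bad port: $p" >&2; return 1 ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            echo "port out of range: $p" >&2; return 1
        fi
    done
    if [ "$src_start" -gt "$src_end" ]; then
        echo "empty source range" >&2; return 1
    fi
    # The last translated port must still be a valid port.
    dst_end=$((dst_start + src_end - src_start))
    if [ "$dst_end" -gt 65535 ]; then
        echo "destination range overflows 65535" >&2; return 1
    fi

    echo "*nat"
    i=$src_start
    while [ "$i" -le "$src_end" ]; do
        echo "-A PREROUTING -i $iface -p $proto --dport $i -j DNAT --to-destination $dest_ip:$((dst_start + i - src_start))"
        i=$((i + 1))
    done
    echo "COMMIT"
}

# Values from the thread: 3100-3500 on eth0 -> 192.168.2.60:2100-2500.
# gen_offset_dnat eth0 tcp 3100 3500 192.168.2.60 2100 | iptables-restore --noflush
```

The rule count still equals the width of the range (401 here), so the memory cost on a small target is unchanged; only the load time improves.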