Re: forwarding all ports from a particular IP?


 



For the first question, the answer is yes.
 
Do:
 
iptables -t nat -A PREROUTING -s the_ip_you_need -j DNAT --to the_destination_ip
 
For the entire IP range, yes too; do this in the same way, just adding a mask or a CIDR value to the net.
 
For a name, it's not possible. iptables will resolve a specific name at the moment that it reads and inserts the rule into the table. So if the name changes its IP, it won't be reflected in the rules until you reload them.
 
What you can do is this
 
 
if the response is 1.2.3.4 do
 
whois 1.2.3.4 and look up the IP range of AOL (suppose 1.2.0.0/16), so you can do
 
iptables -t nat -A PREROUTING -s 1.2.0.0/16 -j DNAT --to the_destination_ip
 
 
Don't forget to turn on ip_forwarding and check the FORWARD policy.
 
 
 
----- Original Message -----
From: James
Sent: Friday, April 16, 2004 12:04 AM
Subject: forwarding all ports from a particular IP?

Hi,

 

I was wondering if anybody could tell me how to setup a rule that forwards all inbound packets from a particular IP, regardless of the ports, on to a machine on the local network? If so, what would this rule look like?

 

I was also wondering if it is possible to forward an entire IP range, or the DNS using wildcards? For example forwarding all connections from *.aol.com regardless of the port onto a specific IP? If this is possible, could anybody tell me how I would go about it?

 

Thanks,

James
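
The reply's point that iptables resolves a name only once, when the rule is inserted, means name-based rules go stale when the address changes. The script below is an added example, not part of the original messages: it compares the addresses the loaded rules were built from with a fresh lookup and prints only the rule changes needed. The function names, the sample addresses and the use of getent for the lookup are assumptions.

```shell
#!/bin/sh
# Added example: emits (does not run) the iptables commands that bring
# per-source DNAT rules in line with a hostname's current addresses.
# On a live host NEW could come from (assumption, glibc getent):
#   getent ahostsv4 host.example | awk '{print $1}' | sort -u | tr '\n' ' '

# valid_ipv4 ADDR: succeeds only for a dotted-quad address, octets 0-255
valid_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# refresh_rules DEST "OLD ADDRS" "NEW ADDRS"  (space-separated lists)
# OLD = addresses the loaded rules were built from, NEW = fresh lookup.
refresh_rules() {
    dest=$1; old=$2; new=$3
    valid_ipv4 "$dest" || { echo "bad destination: $dest" >&2; return 1; }
    # A failed lookup must not silently remove every existing rule.
    [ -n "$new" ] || { echo "empty lookup, rules kept" >&2; return 1; }
    for ip in $new; do
        valid_ipv4 "$ip" || { echo "bad address: $ip" >&2; return 1; }
    done
    for ip in $old; do      # stale: in OLD but no longer in NEW
        case " $new " in *" $ip "*) continue ;; esac
        echo "iptables -t nat -D PREROUTING -s $ip -j DNAT --to-destination $dest"
    done
    for ip in $new; do      # fresh: in NEW but not yet in OLD
        case " $old " in *" $ip "*) continue ;; esac
        echo "iptables -t nat -A PREROUTING -s $ip -j DNAT --to-destination $dest"
    done
}

# Constructed sample (documentation address ranges, not real hosts)
refresh_rules 192.168.1.10 "192.0.2.10 192.0.2.11" "192.0.2.11 192.0.2.12"
```

The printed commands use `--to-destination`, the full spelling of the `--to` option in the reply; review them before running them as root.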

 

