Hi again.
I am at a bit of a quandary, and am not sure what to do.
Let the external interface on my firewall be 100.100.100.100
I have an internal box; 192.168.0.20 that needs to connect to an external
box 200.200.200.200 on port 2000.
I want the internal box to connect to hit my firewall on a different port ..
say 15000
so basically
start: .... -s 192.168.0.20 -d 200.200.200.200 --dport 15000
after firewall -s 100.100.100.100 -d 200.200.200.200 --dport 2000
How can I do this ?
I started out with:
$IPT -t nat -A POSTROUTING -d 200.200.200.200 --dport 15000 -p tcp -i eth0 \
-j SNAT --to-source 100.100.100.100
But this does not change the destination port (obviously). I thought about
doing the following
$IPT -t nat -A PREROUTING -d 100.100.100.100 --dport 15000 -p tcp -i eth0 \
-j DNAT --to-destination 200.200.200.200 --dport 2000
However, I don't think that this will change my source address. Also, will
this even forwarded the packets ? They would be coming on the input chain
would they not ?
Thank you for the help.
Peter Marshall
Peter Marshall, BCS
Network Administrator, CARIS
115 Waggoners Lane, Fredericton NB, E3B 2L4 CANADA
Phone: (506) 458-8533 (Reception)
