> I have one router with my Linux, I'm using the
> following rules to masquerade and NAT my connection.
>
> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
>
> How can I redirect ports from a valid IP address to an
> invalid IP on my internal LAN?

You DON'T want to open up the firewall entirely on a single host. If you want to open a single TCP port from the internet to a single PC, you would have:

  iptables -t nat -A PREROUTING -i eth1 -p tcp --dport <your_port_number> -j DNAT --to <your_internal_host>
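
The single-port DNAT rule from the reply, placed in a fuller rule set, as an added example that is not part of the original message. It assumes the FORWARD chain has a restrictive policy, so the forwarded port needs its own ACCEPT rule; the function name `port_forward_rules`, its helpers and the sample values are hypothetical, and the function only prints the commands (after validating its inputs) so they can be reviewed before being run as root.

```shell
#!/bin/sh
# Added example: emit (not execute) the rules for forwarding ONE TCP port.
# Interface name, port and host are supplied by the caller.

valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;          # digits only
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {
    # Four dot-separated decimal octets, each 0-255.
    echo "$1" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# port_forward_rules WAN_IF PORT INTERNAL_HOST
port_forward_rules() {
    wan_if=$1 port=$2 host=$3
    case "$wan_if" in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface: $wan_if" >&2; return 1 ;;
    esac
    valid_port "$port" || { echo "bad port: $port" >&2; return 1; }
    valid_ipv4 "$host" || { echo "bad host: $host" >&2; return 1; }

    # Rewrite the destination of connections arriving on the internet side.
    echo "iptables -t nat -A PREROUTING -i $wan_if -p tcp --dport $port -j DNAT --to-destination $host:$port"
    # FORWARD sees the already-rewritten destination: allow only that host and port.
    echo "iptables -A FORWARD -i $wan_if -p tcp -d $host --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    # Allow packets belonging to connections that were already accepted.
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
}
```

For example, `port_forward_rules eth1 8080 192.168.1.10` prints three commands; the interface argument must be the internet-facing one on your router.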