Andy Lego wrote:
> Hello,
>
> I have a dual-homed network. Is there any way to tell iptables to
> forward all requests for a specific service, that come from one
> interface, to go back out on the same interface?
>
> Right now I have simply:
>
> -A POSTROUTING -o eth0 -j MASQUERADE
> -A POSTROUTING -o eth1 -j MASQUERADE
>
> So, what am I missing?
>
> Thank you.
>
> --
> http://legoandy.com
>

Not sure what you mean. Say your device is 10.0.1.5, do you mean that if
someone was to telnet to 10.0.1.5 you would forward it to 10.0.1.10
(10.0.1.0/24 is on eth0)?

The simplest is to have ip_forwarding on. Then add DNAT and MASQUERADE
rules. Linux routing should take care of the rest.

iptables -A PREROUTING -t nat -p tcp -s 10.0.1.0/24 --dport 23 -j DNAT --to 10.0.1.10
iptables -A POSTROUTING -t nat -j MASQUERADE
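
Added example, not part of the original thread: a dry-run generator that emits the DNAT and MASQUERADE pair from the reply in iptables-restore format, with both rules scoped to the one interface, subnet, port and target so that no other traffic is rewritten. The function name emit_hairpin_rules is hypothetical; the addresses, port and eth0 are the ones used in the reply.

```shell
#!/bin/sh
# Added example: print same-interface forwarding rules for review.
# emit_hairpin_rules is a hypothetical helper; it only prints, it changes nothing.

emit_hairpin_rules() {
    iface=$1 subnet=$2 port=$3 target=$4

    # Interface name: letters, digits, dot, underscore, dash only.
    case $iface in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface: $iface" >&2; return 1 ;;
    esac
    # Port: 1 to 5 digits, then range-checked (1..65535).
    case $port in
        ''|*[!0-9]*|??????*) echo "bad port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "bad port: $port" >&2; return 1
    fi
    # Subnet and target: digits and dots, plus a slash for the prefix length.
    case $subnet in
        ''|*[!0-9./]*) echo "bad subnet: $subnet" >&2; return 1 ;;
    esac
    case $target in
        ''|*[!0-9.]*) echo "bad target: $target" >&2; return 1 ;;
    esac

    # DNAT on the way in; MASQUERADE only for the redirected flow going back
    # out of the same interface, so replies return through this host.
    cat <<EOF
*nat
-A PREROUTING -i $iface -s $subnet -p tcp --dport $port -j DNAT --to-destination $target
-A POSTROUTING -o $iface -s $subnet -d $target -p tcp --dport $port -j MASQUERADE
COMMIT
EOF
}

# Dry run with the values from the reply. To apply after review (as root):
#   sysctl -w net.ipv4.ip_forward=1
#   emit_hairpin_rules eth0 10.0.1.0/24 23 10.0.1.10 | iptables-restore --noflush
emit_hairpin_rules eth0 10.0.1.0/24 23 10.0.1.10
```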