Dimitri Yioulos wrote:
Hi, folks.
Noob, question:
I want to allow a vendor to access a piece of equipment on our LAN
(192.168.100.46) through port 4000 from outside via a server in our
DMZ (www.xxx.yyy.zzz). While I should know how to do this, I'm not
100% sure. Can someone help?
In PREROUTING do a DNAT rule, in FORWARD allow traffic to 192.168.100.46.
Oh, and separately, how would I allow that access only through the
vendor's ip address, if that were the way I decided to go?
Add -s $VENDOR_IP to both rules.
HTH,
M4
