Em Seg, 2008-03-17 às 19:13 +0100, Jan Engelhardt escreveu: > On Mar 17 2008 09:26, Phil Sutter wrote: > > > >I thought I could do the following but it does not work: > > > >iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 5080:5085 -j DNAT > >--to 192.168.1.10:80-85 > > > >Is there a way to do what I want to do with a single command or do I > >have to forward each port with an individual command? > > To do it with a single rule requires your own target extension. > > :80-85 just tells it to choose any one of it. > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html > AFAIK, don't exist any single command to do that... What exists, is NETMAP target that DNAT/SNAT every single address in two ranges. i.e: "iptables -t mangle -A PREROUTING -s 192.168.1.0/24 -j NETMAP --to 10.5.6.0/24" If anyone knows any command that do this, I'll be pleased to know too... If don't, this is a good feature to implement in futures versions of IPTables. []s Cloves -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
