Re: Port forward/bounce no external interface

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hey that worked.. Thanks.



---
Don Hoover
dxh@xxxxxxxxx


--- On Fri, 2/6/09, Mart Frauenlob <mart.frauenlob@xxxxxxxxx> wrote:

> From: Mart Frauenlob <mart.frauenlob@xxxxxxxxx>
> Subject: Re: Port forward/bounce no external interface
> To: netfilter@xxxxxxxxxxxxxxx
> Date: Friday, February 6, 2009, 4:15 PM
> Mart Frauenlob wrote:
> > Don Hoover wrote:
> >> I want to forward all connections on a port to
> another box on the same internal network.
> >> 
> >> For instance, I want to forward all traffic on my
> server:5000 to go anotherbox:9000
> >> 
> >> I have little experience with iptables, and I am
> currently not using it at all on this server, so I will need
> to setup a small iptables configuration from scratch
> including any required setup before whatever command is
> needed to do this.
> >> 
> >> This will all be in the same network and not
> actually be going across interfaces...the client, server,
> and otherbox are all located on the same internal network.
> >> 
> >> I am sure this is probably easy for someone what
> really knows what they are doing.... AND...I have been
> reading as much as I can on this, and all the examples I
> have found via extensive google searching all deal with the
> apparently much more common case of forwarding incoming
> connections on a external facing network interface to a
> different port for a different IP on an internal facing
> interface, ala firewall router.  And that just does not
> apply here.  I kinda thought maybe what I wanted was a
> variation on that and I tried some different things but none
> of them worked.
> >> 
> >> Any help?
> >>   
> > Hello,
> > 
> > Please try:
> > 
> > iptables -t nat -A PREROUTING -s your-network -d
> server -p tcp --dport -j DNAT --to-destination
> anotherbox:9000
> 
> sorry, I missed the port string.
> should be:
> 
> iptables -t nat -A PREROUTING -s your-network -d server -p
> tcp --dport 5000 -j DNAT --to-destination anotherbox:9000
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux