Hi all,

These are my first dealings with firewalls and I'm trying to get an understanding.

Here's the scenario:

10.0.0.1 outside net on eth0
192.168.0.1 inside net on eth1

Running VNC on port 5800, user requests telnet 10.0.0.117 5800 and I want to send to 192.168.0.17:5800. Port forward is on.

Do I use the following?

# Preroute DNAT to 192.168.0.17:5800
iptables -t nat -A PREROUTING -i eth0 -p tcp -d 10.0.0.117 --dport 5800 -j DNAT --to 192.168.0.17:5800

# Forward packets
iptables -A FORWARD -i eth0 -p tcp -o eth1 -d 192.168.0.17 --dport 5800 -j ACCEPT

# Allow for replies
iptables -t nat -A POSTROUTING -o eth0 -p tcp -s 192.168.0.17 --sport 5800 -j SNAT --to 10.0.0.117:5800

Is this correct or am I heading way off track? Do I need to do more or less? I'm just not getting it, lol.

Thanks.

Scottie
