Under the netfilter model, this is known as DNAT (Destination NAT,
because it is the destination field of incoming packets that is being
rewritten).
you'll want something like the following:
iptables -t nat -A PREROUTING -d $extip -p tcp --dport 135 -j DNAT
--to-destination 192.168.1.1
(also see http://netfilter.samba.org/unreliable-guides/NAT-HOWTO/ for
more info).
hth,
Vineet
* Sebastiaan ([EMAIL PROTECTED]) [010622 12:29]:
doing a search for -dport or -sport for source and destination ports
thank you for your reply, but I am not getting much wiser with this
document. I learn by examples. I was thinking about this:
iptables -A INPUT -i eth0 -d 212.127.10.10 -dport 135 -j ACCEPT
iptables -A OUTPUT -i eth1 -s 192.168.1.1 -sport 135 -j ACCEPT
internal ip address on the world side of your firewall box - either thats
wrong or you must have a router doing nat before any packets will
arrive?
Hello,
Simply said I want to do this with iptables:
ipmasqadm portfw -a -P tcp -L $extip 135 -R 192.168.1.1 135
so that tcp traffic from port 135 is directly forwarded to port 135 on my
local machine and vice versa.
Sorry if I was unclear.
Thanks in advance,
Sebastiaan
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
pgpQpCvap18WG.pgp
Description: PGP signature
