On my testing linux host I have a working http port forwarding to host behind it and I'm looking to make this working also on ShrewSoft virtual adapter.
My situation is something like this: LAN 192.168.1.0/24 --- FIREWALL ---- [INTERNET] ---- [WAN 1.1.1.1]HOST1 with Shrewsoft[VIRTUAL ADAPTER 192.168.2.1][LAN 10.0.0.1] --- HOST2[10.0.0.2] Actually traffic from INTERNET to 1.1.1.1:80 is forwarded to HOST2 IP, I would like to also have http traffic coming from 192.168.1.0 to ShrewSoft virtual ip 192.168.2.1 be forwared to HOST2 IP. My iptables is the following: *filter > > :INPUT DROP [113:16645] > > :FORWARD DROP [0:0] > > :OUTPUT DROP [0:0] > > -A INPUT -i lo -j ACCEPT > > -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT > > -A FORWARD -o eth0 -p tcp -m tcp --dport 80 -j ACCEPT > > -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT > > -A FORWARD -j ACCEPT > > -A OUTPUT -o lo -j ACCEPT > > -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT > > COMMIT > > # > > # > > *nat > > :PREROUTING ACCEPT [683:182341] > > :POSTROUTING ACCEPT [298:68050] > > :OUTPUT ACCEPT [147:9295] > > -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0.2 > > COMMIT > > # > > # > > *mangle > > :PREROUTING ACCEPT [73446:84206855] > > :INPUT ACCEPT [34677:47173489] > > :FORWARD ACCEPT [38769:37033366] > > :OUTPUT ACCEPT [19988:1806151] > > :POSTROUTING ACCEPT [56744:38483902] > > COMMIT > > Does anyone have suggestions?
_______________________________________________ vpn-help mailing list [email protected] http://lists.shrew.net/mailman/listinfo/vpn-help
