[CentOS] How to access one machine behind iptables, on different subnet?
Jorge Fábregas
jorge.fabregas at gmail.com
Fri Oct 29 12:10:06 UTC 2010
On Friday 29 October 2010 04:22:52 Rudi Ahlers wrote:
> How do I give full access to all ports on this IP, instead of forwarding
> every port?

Sure. That's called One-to-One NAT. You'll do something like this:

iptables -t nat -I PREROUTING -d 192.168.1.20 -j DNAT --to-destination $GREEN

...where $GREEN is one ip on your 192.168.2.x network. Then make sure you have the proper "allow" rules on the INPUT chain for your LAN ip ($GREEN).

The above was for ingress traffic. Now, for egress traffic (for this internal LAN ip) you'll need to perform NAT as well:

iptables -t nat -A POSTROUTING -s $GREEN -j SNAT --to-source 192.168.1.20

Check out:

http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch14_:_Linux_Firewalls_Using_iptables

HTH,
Jorge
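
The two NAT rules from the message above, produced by a small shell function that validates both addresses and only prints the commands for review; this is an added example, not part of the original post. 192.168.2.50 is a constructed stand-in for $GREEN, the optional TCP port list is a hypothetical parameter, and the allow rules are placed on the FORWARD chain, which is the chain routed (DNATed) packets traverse on the gateway.

```shell
#!/bin/sh
# Added example: print (not apply) the iptables commands for one-to-one NAT.

# valid_ipv4 ADDR: succeed only for a dotted quad with every octet in 0-255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# one_to_one_nat EXT_IP INT_IP [TCP_PORTS]
# EXT_IP is the address on the outer subnet, INT_IP the host behind the
# firewall ($GREEN in the message). TCP_PORTS (hypothetical optional argument,
# e.g. "22,443") narrows inbound new connections instead of allowing all ports.
one_to_one_nat() {
    ext=$1 int=$2 ports=${3:-}
    if ! valid_ipv4 "$ext" || ! valid_ipv4 "$int" || [ "$ext" = "$int" ]; then
        echo "usage: one_to_one_nat EXT_IP INT_IP [TCP_PORTS]" >&2
        return 1
    fi
    case "$ports" in
        *[!0-9,]*|,*|*,|*,,*) echo "bad port list: $ports" >&2; return 1 ;;
    esac
    match=""
    [ -z "$ports" ] || match=" -p tcp -m multiport --dports $ports"
    # Ingress: rewrite the destination. Egress: rewrite the source.
    echo "iptables -t nat -I PREROUTING -d $ext -j DNAT --to-destination $int"
    echo "iptables -t nat -A POSTROUTING -s $int -j SNAT --to-source $ext"
    # Routed (DNATed) packets traverse FORWARD on the gateway.
    echo "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A FORWARD -d $int$match -m state --state NEW -j ACCEPT"
    echo "iptables -A FORWARD -s $int -m state --state NEW -j ACCEPT"
}

# Constructed sample: 192.168.2.50 stands in for $GREEN.
one_to_one_nat 192.168.1.20 192.168.2.50
```

Compare the printed commands with the existing FORWARD rules before applying them, since -A appends after any rule already in the chain.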