Port forwarding via iptables.
Posted: Fri May 22, 2009 9:52 am
I've recently had to figure out how to use iptables to port forward traffic from an external NIC to an internal NIC.
You need to have two different rules:
-A PREROUTING -i External_NIC -p tcp -m tcp --dport External_Port -j DNAT --to-destination Internal_IP:Internal_Port
-A FORWARD -d Internal_IP -p tcp -m tcp --dport Internal_Port -j ACCEPT
For example:
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.1:80
-A FORWARD -d 192.168.0.1 -p tcp -m tcp --dport 80 -j ACCEPT
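As an added example (not part of the original post): the two rules above, placed in the tables they belong to (DNAT in nat, the ACCEPT in filter) as an iptables-restore fragment, with the four values validated before they are written into a rule line. The helper name gen_port_forward is hypothetical, and the host is assumed to have net.ipv4.ip_forward=1 so the kernel forwards between NICs.

```shell
#!/bin/sh
# Added example, not from the original post. gen_port_forward and the valid_*
# helpers are hypothetical names. Nothing here touches the live ruleset; it
# only prints text that can be checked with:
#   gen_port_forward eth0 80 192.168.0.1 80 | iptables-restore --noflush --test

valid_iface() {   # interface name: no spaces, no leading dash, max 15 chars
    case "$1" in ''|-*|*[!A-Za-z0-9._-]*) return 1 ;; esac
    [ "${#1}" -le 15 ]
}

valid_port() {    # decimal 1..65535, no leading zero
    case "$1" in ''|0*|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {    # dotted quad, each octet 0..255
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# usage: gen_port_forward External_NIC External_Port Internal_IP Internal_Port
gen_port_forward() {
    [ "$#" -eq 4 ] || { echo "need 4 arguments" >&2; return 2; }
    valid_iface "$1" || { echo "bad interface: $1" >&2; return 1; }
    valid_port "$2"  || { echo "bad external port: $2" >&2; return 1; }
    valid_ipv4 "$3"  || { echo "bad internal IP: $3" >&2; return 1; }
    valid_port "$4"  || { echo "bad internal port: $4" >&2; return 1; }
    cat <<EOF
*nat
# Rewrite the destination before the routing decision is made.
-A PREROUTING -i $1 -p tcp -m tcp --dport $2 -j DNAT --to-destination $3:$4
COMMIT
*filter
# FORWARD sees the packet after DNAT, so it matches the internal IP and port.
-A FORWARD -d $3 -p tcp -m tcp --dport $4 -j ACCEPT
COMMIT
EOF
}
```

The validation keeps a value such as an interface name containing spaces from adding extra options to the generated rule line.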