Sample: SSH through DNAT
Scenario
My client has IP address 172.16.1.202, with 172.16.1.1 as its default gateway.
I need to reach the secure shell (SSH) service of a server in another network (192.168.1.101).
The gateway has one IP address in each network: 172.16.1.1 and 192.168.1.1.
Diagram
Client 172.16.1.202 ---> 172.16.1.1:50001 [Gateway] 192.168.1.1 ---> 192.168.1.101:22 [Destination]
Gateway
# Enable IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
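# Let the firewall forward the connection. PREROUTING runs before FORWARD,
# so FORWARD sees the translated destination (192.168.1.101:22), not port 50001
iptables -A FORWARD -p tcp -d 192.168.1.101 --dport 22 -j ACCEPT
# Accept the reply packets of forwarded connections
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Redirect all TCP packets arriving on port 50001 to 192.168.1.101 port 22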
iptables -t nat -A PREROUTING -p tcp --dport 50001 -j DNAT --to 192.168.1.101:22
Destination
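# Nothing to configure here, except that the default gateway must be the Gateway (192.168.1.1),
# so that replies return through it and the DNAT is reversed before they reach the client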
ip route del default; ip route add default via 192.168.1.1
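The following Python model is an added example, not part of the original post. It is a simplified sketch of netfilter's hook order (nat PREROUTING before filter FORWARD) for the Gateway rules above, showing which FORWARD match lets the DNAT'd SSH connection through in both directions. It assumes a FORWARD policy of DROP; the client source port 40000 and all names in the code are constructed for illustration.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

# DNAT rule from the page: tcp dport 50001 -> 192.168.1.101:22
DNAT = {50001: ("192.168.1.101", 22)}
# Constructed client packet; source port 40000 is an arbitrary sample value
CLIENT_SYN = Packet("172.16.1.202", 40000, "172.16.1.1", 50001)
# Candidate FORWARD rule sets (policy DROP is an assumption of this model)
EXTERNAL_PORT_RULE = [{"dport": 50001}]
TRANSLATED_ONLY = [{"dst": "192.168.1.101", "dport": 22}]
TRANSLATED_WITH_REPLIES = TRANSLATED_ONLY + ["ESTABLISHED"]

def prerouting(pkt, conntrack):
    """nat/PREROUTING: rewrite the destination, remember it for replies."""
    if pkt.dport not in DNAT:
        return pkt
    dst, dport = DNAT[pkt.dport]
    out = replace(pkt, dst=dst, dport=dport)
    conntrack[(out.dst, out.dport, out.src, out.sport)] = (pkt.dst, pkt.dport)
    return out

def forward(pkt, rules, conntrack):
    """filter/FORWARD with policy DROP: accept only on a matching rule."""
    for rule in rules:
        if rule == "ESTABLISHED":
            if (pkt.src, pkt.sport, pkt.dst, pkt.dport) in conntrack:
                return True
        elif rule.get("dst", pkt.dst) == pkt.dst and rule["dport"] == pkt.dport:
            return True
    return False

def ssh_roundtrip(rules):
    """Return (request_forwarded, reply_forwarded, reply_source_at_client)."""
    conntrack = {}
    syn = prerouting(CLIENT_SYN, conntrack)
    if not forward(syn, rules, conntrack):
        return (False, False, None)
    reply = Packet(syn.dst, syn.dport, syn.src, syn.sport)
    if not forward(reply, rules, conntrack):
        return (True, False, None)
    # The reverse translation restores the address the client connected to
    return (True, True, conntrack[(reply.src, reply.sport, reply.dst, reply.dport)])

if __name__ == "__main__":
    for rules in (EXTERNAL_PORT_RULE, TRANSLATED_ONLY, TRANSLATED_WITH_REPLIES):
        print(rules, "->", ssh_roundtrip(rules))
```

The model tracks only the DNAT'd connection and ignores interfaces, TCP state and the INPUT/OUTPUT chains.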
References:
http://muhdzamri.blogspot.com/2008/07/iptables-dnat.html