Difference between revisions of "IP Forwarding and iptables configuration"
| (4 intermediate revisions by the same user not shown) | |||
| Line 16: | Line 16: | ||
iptables -t nat -A PREROUTING -p tcp --dport 1111 -j DNAT --to-destination 2.2.2.2:1111<br> | iptables -t nat -A PREROUTING -p tcp --dport 1111 -j DNAT --to-destination 2.2.2.2:1111<br> | ||
| + | iptables -t nat -A PREROUTING -p tcp --dport 3723 -j DNAT --to-destination 10.0.0.100:3389<br> | ||
and finally, we ask IPtables to masquerade:<br> | and finally, we ask IPtables to masquerade:<br> | ||
| Line 30: | Line 31: | ||
iptables -t nat -D <br> | iptables -t nat -D <br> | ||
| − | http://unix.stackexchange.com/questions/205867/viewing-all-iptables-rules<br> | + | Reference - http://unix.stackexchange.com/questions/205867/viewing-all-iptables-rules<br> |
| + | <source lang="text"> | ||
| + | To get a complete presentation of the netfilter rules, you need | ||
| + | |||
| + | iptables -vL -t filter | ||
| + | iptables -vL -t nat | ||
| + | iptables -vL -t mangle | ||
| + | iptables -vL -t raw | ||
| + | iptables -vL -t security | ||
| + | </source> | ||
| + | iptables --table nat --list or in the short form: <br> | ||
| + | iptables -t nat -L<br> | ||
Latest revision as of 14:19, 1 March 2016
Forwarding must be enabled
root@raspbx:~# cat /proc/sys/net/ipv4/ip_forward
0
root@raspbx:~# sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1
root@raspbx:~# cat /proc/sys/net/ipv4/ip_forward
1
root@raspbx:~#
Routing and Masquerading
iptables --table nat --append POSTROUTING -o ppp0 -j MASQUERADE
iptables --append FORWARD -i eth0 -j ACCEPT
Forwarding traffic from one port to another machine and port
iptables -t nat -A PREROUTING -p tcp --dport 1111 -j DNAT --to-destination 2.2.2.2:1111
iptables -t nat -A PREROUTING -p tcp --dport 3723 -j DNAT --to-destination 10.0.0.100:3389
and finally, we ask IPtables to masquerade:
iptables -t nat -A POSTROUTING -j MASQUERADE
To delete an entry from the nat table
iptables -t nat -L -n --line-numbers<br
and find the line that matches the rules you want to deletes.
then
iptables -t nat -D
Reference - http://unix.stackexchange.com/questions/205867/viewing-all-iptables-rules
To get a complete presentation of the netfilter rules, you need iptables -vL -t filter iptables -vL -t nat iptables -vL -t mangle iptables -vL -t raw iptables -vL -t security
iptables --table nat --list or in the short form:
iptables -t nat -L
