How to make a redirecting ?

I have a RedHat 7.2 PC, which is configured as firewall, using ipchains. I have an internal network 192.168.x.x/255.255.0.0, which this firewall is protecting. The firewall has multiple real IP addresses ( done with aliasing ).

I also have a WEB server, which is connected to my external network ( let's assume it has ip address 212.111.111.111 ).

I want to connect the WEB server to the internal network and to add its IP address as another alias in the firewall and somehow to make redirection. Assuming the internal IP address of the WEB server will be 192.168.0.5.

So, the firewall will have the real IP address of my WEB server (212.111.111.111) and should redirect all the incoming packages on port 80 to 192.168.0.5:80.

My question is how can I make it with ipchains or another tool.
LVL 9
tkalchevAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
hnminhConnect With a Mentor Commented:
you should use iptables instead (which is recommended for RH7.2). This task can be done by DNAT, sample is like this

$iptables -t nat -A PREROUTING -p tcp --destination-port 80 -s 0/0 -d 212.111.111.111 -j DNAT --to-destination 192.168.0.5:80

someone please correct me if we should use OUTPUT chains instead!!!
0
 
hnminhCommented:
you should use iptables instead (which is recommended for RH7.2). This task can be done by DNAT, sample is like this

$iptables -t nat -A PREROUTING -p tcp --destination-port 80 -s 0/0 -d 212.111.111.111 -j DNAT --to-destination 192.168.0.5:80

someone please correct me if we should use OUTPUT chains instead!!!
0
 
tkalchevAuthor Commented:
Thanks hnminh, I will try this solution
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
escheiderCommented:
if you're using ipchains, download, install and use the tool ipmasqadm.  I haven't used RH 7.2, so I am assuming that this tool works with it.

Then, you can forward all web requests from 212.x.x.111 to 192.168.0.5

download the tool here:

ftp://ftp.redhat.com/pub/contrib/libc6/i386/ipmasqadm-0.4.2-4.i386.rpm

incorporate this into your existing firewall script:

ipmasqadm portfw -a -P tcp -L 212.111.111.111 80 -R 192.168.0.5  80
0
 
tkalchevAuthor Commented:
Thanks to escheider also, I will try
0
 
tkalchevAuthor Commented:
To escheider :

When I try to use ipmasqadm I am receiving this error :

portfw: setsockopt failed: Invalid argument
0
 
tkalchevAuthor Commented:
Also when I try to run : ipmasqadm portfw -l to see if something has happened I am getting this :

portfw: setsockopt failed: Invalid argument
Could not open "/proc/net/ip_masq/portfw"
Could not open "/proc/net/ip_portfw"
Check if you have enabled portforwarding

How to enable the portforwarding
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.