Solved

Multiple IP Address with port forwarding

Posted on 2007-04-05
2
948 Views
Last Modified: 2013-12-16
I am using SME Server 7.1 (2.6.9 Kernel) as a gateway, and I have set up multiple IP addresses on one external facing network card, and I have one internal facing network card.  I would like to forward ports on to various servers on my network, i.e. X.X.X.17:80 goes to 192.168.0.1:80, X.X.X.18:80 goes to 192.168.0.2:80.  

In my /etc/rc.d/init.d/masq file, I have the following entries:
    /sbin/iptables --table nat --new-chain PortForwarding_$$
    /sbin/iptables --table nat --append PortForwarding_$$ --protocol tcp -d X.X.X.18/32 --destination-port 80 -j DNAT --to-destination 192.168.0.2:80
    adjust_tcp_in 80 ACCEPT ForwardedTCP_$$ 192.168.0.2/32

From what I understand, this should forward all incomming requests to X.X.X.18:80 to 192.168.0.2:80, but when I try to access this web site, it times out.

Can anyone explain what I am doing wrong, or how to go about doing this?

Many Thanks in advance.
0
Comment
Question by:rtwilde
2 Comments
 
LVL 27

Accepted Solution

by:
Nopius earned 500 total points
ID: 18872116
Standard table 'nat' has only 3 chains PREROUTING, OUTPUT and POSTROUTING. You have added 1 new chain and didn't referenced to it from any standard chain. Try to add a reference in a PREROUTING chain:
iptables --table nat -A PREROUTING -j  PortForwarding_$$
0
 

Author Comment

by:rtwilde
ID: 18875400
OK, this is what I found that works, this issue seemed to be exactly what Nopius desribed.
This forwards incomming http requests from external address X.X.X.17 to 10.1.88.10, and from X.X.X.18 to 10.1.88.11

iptables -I PREROUTING -t nat -p tcp --dport 80 -d X.X.X.17 -j DNAT --to 10.1.88.10
iptables -I FORWARD -p tcp -d 10.1.88.10 --dport 80 -i eth1 -o eth0 -j ACCEPT
iptables -A POSTROUTING -t nat -o eth1 -p tcp -s 10.1.88.10 -j SNAT --to-source X.X.X.17
iptables -I PREROUTING -t nat -p tcp --dport 80 -d X.X.X.18 -j DNAT --to 10.1.88.11
iptables -I FORWARD -p tcp -d 10.1.88.11 --dport 80 -i eth1 -o eth0 -j ACCEPT
iptables -A POSTROUTING -t nat -o eth1 -p tcp -s 10.1.88.11 -j SNAT --to-source X.X.X.18
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now