Hello,
szr wrote:
> I have a Linux box (which is not the default gw) with iptables running on
> it, whose ip is 192.168.1.4
>
> I want to forward packets coming to UDP 192.168.1.4:6130, which receives
> logging data from several remote hosts on the Internet. The main router on
> the network forwards from WAN:6130 to 192.168.1.4:6130.
>
> If the original packet came from 5.4.3.1:10001,
> forward (binding to 192.168.1.4:10001) to 192.168.1.8:6130
iptables -t nat -A PREROUTING -s 5.4.3.1 -d 192.168.1.4 \
-p udp --sport 10001 --dport 6130 -j DNAT --to 192.168.1.8:6130
iptables -t nat -A POSTROUTING -s 5.4.3.1 -d 192.168.1.8 \
-p udp --sport 10001 --dport 6130 -j SNAT --to 192.168.1.4:10001
> If the original packet came from 5.4.3.2:10002,
> forward (binding to 192.168.1.4:10002) to 192.168.1.6:6130
iptables -t nat -A PREROUTING -s 5.4.3.2 -d 192.168.1.4 \
-p udp --sport 10002 --dport 6130 -j DNAT --to 192.168.1.6:6130
iptables -t nat -A POSTROUTING -s 5.4.3.2 -d 192.168.1.6 \
-p udp --sport 10002 --dport 6130 -j SNAT --to 192.168.1.4:10002
The SNAT rules are necessary because the box is not the default gateway.
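
Added example, not part of the original message: a small Python model of the two translations above, tracing where the backend's reply goes with and without the SNAT rule. It is a toy model rather than real netfilter, it assumes the LAN is 192.168.1.0/24 and that the backends use the main router as their default gateway, and its function names are illustrative.

```python
# Added illustration: a toy model of the address rewriting, not real netfilter.
from collections import namedtuple

Pkt = namedtuple("Pkt", "src sport dst dport")

BOX = "192.168.1.4"          # the iptables box from the post (not the default gw)
LAN_PREFIX = "192.168.1."    # assumption: the LAN is 192.168.1.0/24

# (remote source, source port) -> backend, taken from the rules in the post
MAPPINGS = {("5.4.3.1", 10001): "192.168.1.8",
            ("5.4.3.2", 10002): "192.168.1.6"}

def forward(pkt, snat=True):
    """Apply PREROUTING DNAT and, optionally, POSTROUTING SNAT on the box."""
    backend = MAPPINGS.get((pkt.src, pkt.sport))
    if backend is None or pkt.dst != BOX or pkt.dport != 6130:
        return None                      # no rule matches; nothing is forwarded
    pkt = pkt._replace(dst=backend)      # DNAT --to <backend>:6130
    if snat:
        pkt = pkt._replace(src=BOX)      # SNAT --to 192.168.1.4:<sport>
    return pkt

def reply_next_hop(delivered):
    """Build the backend's reply and pick the next hop it is sent to."""
    reply = Pkt(delivered.dst, delivered.dport, delivered.src, delivered.sport)
    # On-link destinations are reached directly; anything else goes to the
    # backend's default gateway (the main router), bypassing the box.
    hop = reply.dst if reply.dst.startswith(LAN_PREFIX) else "default-gw"
    return reply, hop

def trace(src, sport, snat):
    """Return (packet seen by backend, reply next hop, reply passes the box)."""
    delivered = forward(Pkt(src, sport, BOX, 6130), snat)
    _reply, hop = reply_next_hop(delivered)
    # Only a reply that reaches the box can have both translations reversed.
    return delivered, hop, hop == BOX

if __name__ == "__main__":
    for snat in (True, False):
        d, hop, ok = trace("5.4.3.1", 10001, snat)
        print(f"snat={snat}: backend sees {d.src}:{d.sport}, "
              f"reply next hop={hop}, translated back by box={ok}")
```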