Networking Forums
Home Register Members Search Links
Member Login:

Networking Forums > Computer Networking > Linux Networking > Port Mapping with iptables?

Reply
Thread Tools Display Modes

Port Mapping with iptables?

 
 
Allan Bruce
Guest
Posts: n/a

 
      12-19-2005, 10:26 AM
I have a linux machine running iptables which I use as my router. I have
several machines behind the router and I wish to map incoming ports from the
outside world to different ports on one of the internal machines. At the
moment I use the following commands to forward a port keeping the port
number the same:

iptables -t nat -I PREROUTING -p tcp -s ! 192.168.1.104 --dport 3333 -j
DNAT --to 192.168.0.104
iptables -I FORWARD -p tcp -d 192.168.1.104 --dport 3333 -j ACCEPT

How can I change this so I can map say port 4444 externally to port 3333
internally?

Thanks
Allan
 
Reply With Quote
 
 
 
 
Pedros
Guest
Posts: n/a

 
      12-19-2005, 10:41 AM
Allan Bruce wrote:

> I have a linux machine running iptables which I use as my router. I have
> several machines behind the router and I wish to map incoming ports from
> the
> outside world to different ports on one of the internal machines. At the
> moment I use the following commands to forward a port keeping the port
> number the same:
>
> iptables -t nat -I PREROUTING -p tcp -s ! 192.168.1.104 --dport 3333 -j
> DNAT --to 192.168.0.104
> iptables -I FORWARD -p tcp -d 192.168.1.104 --dport 3333 -j ACCEPT
>
> How can I change this so I can map say port 4444 externally to port 3333
> internally?
>
> Thanks
> Allan
You could try this

iptables -A PREROUTING -t nat -p tcp -d $EXTIP --dport 4444 -j DNAT --to
$INTIP:3333

If I got you right.

~pete
 
Reply With Quote
 
dave
Guest
Posts: n/a

 
      12-19-2005, 06:37 PM
"Allan Bruce" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>I have a linux machine running iptables which I use as my router. I have
>several machines behind the router and I wish to map incoming ports from
>the outside world to different ports on one of the internal machines. At
>the moment I use the following commands to forward a port keeping the port
>number the same:
>
> iptables -t nat -I PREROUTING -p tcp -s ! 192.168.1.104 --dport 3333 -j
> DNAT --to 192.168.0.104
> iptables -I FORWARD -p tcp -d 192.168.1.104 --dport 3333 -j ACCEPT

I use a similar DNAT setup and find the following works fine.

iptables -t nat -A PREROUTING -i $INTIF -p tcp --dport 3333 -j
DNAT --to-dest 192.168.0.104:4444

Which should map 3333 to 4444 on the internal machine.

I presume you'd need to allow traffic through on the new port as well if you
block it by default.

HTH.

Dave.
 
Reply With Quote
 
 
 
Reply

« wireless problem | PLIP: how to assign IRQ when plip is compiled in the kernel? »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Port mapping issue!! DualMarco Linux Networking 1 03-14-2006 11:42 AM
Port Mapping Akechi Broadband Hardware 5 03-19-2005 06:02 AM
one-to-one mapping using IPTABLES with LOG. baruah Linux Networking 0 01-22-2005 09:33 AM
MN-100 Application port trigger vs port mapping Nikitas Broadband Hardware 0 11-12-2004 02:41 AM
DLink 614+ and port mapping Thomas Peel Wireless Internet 0 02-18-2004 08:55 PM


Forum Software Powered by vBulletin®, Copyright Jelsoft Enterprises Ltd.
SEO by vBSEO 3.3.2 ©2009, Crawlability, Inc.
Contact Us - Archive - Privacy Statement - Top

1 2 3 4 5 6 7 8 9 10 11