port-based ip-forwarding
Hi folks, is it possible to set up linux to forward requests from the net on a specific port to a specific client in the LAN (on the same or at a different port) ? F.ex. incoming requests on port 21 should be directed to 192.168.50.20, requests to port 80 to 192.168.50.50, requests on port 4899 to 192.168.50.100, and so on. thanks in advance Stephan
Yes! You can use DNAT if you use kernel 2.4.4 upwards with iptables 1.2.4. OKDesign oHG Security Administrator wrote:
Hi folks, is it possible to set up linux to forward requests from the net on a specific port to a specific client in the LAN (on the same or at a different port) ? F.ex. incoming requests on port 21 should be directed to 192.168.50.20, requests to port 80 to 192.168.50.50, requests on port 4899 to 192.168.50.100, and so on.
thanks in advance
Stephan
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- ---------------------------------------------------------------------- Raymond Leach Cell:+27-82-416-1410 Tel:+27-11-444-5006 Fax:+27-11-444-5007 eMail:raymondl@knowledgefactory.co.za www:http://www.knowledgefactory.co.za "No matter where you go, there you are ..." ----------------------------------------------------------------------
yes. iptables can do it although i dont know the syntax or you can use 2.2 series kernel and ip_masq_portfw module with syntax # Load Port Forwarding Module /sbin/modprobe ip_masq_portfw # Setup Port Forwarding Rules # flush existing rules ipmasqadm portfw -f # Forward remote calls to port 80 to local port 80 ipmasqadm portfw -a -P tcp -L xxx.xxx.xxx.xxx 80 -R 192.168.1.50 80 there is also a program called rinetd that will do it for you.
participants (3)
-
dog@intop.net
-
OKDesign oHG Security Administrator
-
Ray Leach