iptable-fwd.md

Setup a gateway server

1. setup iptables sudo iptables -A FORWARD -o eth0 -i eth1 -s 192.168.1.0/24 -m conntrack --ctstate NEW -j ACCEPT sudo iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT sudo iptables -A POSTROUTING -t nat -j MASQUERADE
2. save iptables and restore on startup sudo iptables-save > /etc/iptables.sav sudo echo "iptables-restore < /etc/iptables.sav" >> /etc/rc.local
3. Enable ip forwarding sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward" edit /etc/sysctl.conf and add net.ipv4.ip_forward=1

Setup gateway on client sudo ip route add default via 192.168.0.1

Remove a rule

iptables -L -n --line-numbers
iptables -D INPUT <<number here>>

Nat live 2222 > dev 22

iptables -A INPUT -i eth0 -p tcp -m tcp --dport 2222 -j ACCEPT
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 2222 -j DNAT --to 192.168.1.3:22
iptables -A FORWARD -o eth0 -i eth1 -s 192.168.1.0/24 -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A POSTROUTING -t nat -j MASQUERADE