Last active
September 7, 2017 09:40
-
-
Save goncha/3741416 to your computer and use it in GitHub Desktop.
iptables nat & port forwarding
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## set net.ipv4.ip_forward = 1 in /etc/sysctl.conf | |
| ## NAT: | |
| iptables -t nat -A POSTROUTING -s 1.1.9.251/32 -o ${INET_DEV} -j SNAT --to-source ${INET_IP} | |
| ## PORT FORWARDING: | |
| iptables -t nat -A PREROUTING -i ${INET_DEV} -p tcp -m tcp --dport ${INET_PORT} -j DNAT --to-destination ${LOCAL_IP}:${LOCAL_PORT} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
with rules specified above i am able to forward traffic coming on one server to other but i am not able to get original client IP as we are doing SNAT in postrouting chain.
I want to forward traffic on 192.168.0.192 to 172.16.1.28 but i want original client IP who sent packet on 192.168.0.192
How i can do that