[wplug] iptable problems
coldfire
rolick571 at duq.edu
Tue Dec 18 10:07:49 EST 2001
> I see. Thanks.
awesome .. i hope it's working :)
as for forwarding to another box behind the firewall, you should concern
yourself with the prerouting chain in your nat table. i don't have a
network to test it with, but off the top of my head, a rule like this
should (may) work:
iptables -t nat -A PREROUTING -i ppp0 -d <ipaddr> -o <eth1> -p
tcp --dport 80 -j DNAT --to-destination <ipaddr>[:port]
as far as the state module ... i'm not sure if you'll need NEW,ESTABLISHED
as once a packet it mangled and forwarded to <ipaddr>[:port], all rules
will cease being examined and every packet for that address forwarded.
therefore, only NEW should be required ... i hope this works and that i'm
not talking out of my ass :)
coldie
More information about the wplug
mailing list