doc:appunti:linux:sa:iptables
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
doc:appunti:linux:sa:iptables [2020/06/15 10:45] – [Shorewall with router in local LAN] niccolo | doc:appunti:linux:sa:iptables [2020/11/23 15:28] (current) – [Shorewall and DNAT onto a local host] niccolo | ||
---|---|---|---|
Line 40: | Line 40: | ||
A web server is reachable from the internet onto a local host (**192.168.1.5**) via a DNAT rule, local hosts want to use the public address (**130.151.100.69**) to reach the d-natted server. Traffic will be masqueraded by the firewall with its address (**192.168.1.254**) on the local LAN (**eth0**, **192.168.1.0/ | A web server is reachable from the internet onto a local host (**192.168.1.5**) via a DNAT rule, local hosts want to use the public address (**130.151.100.69**) to reach the d-natted server. Traffic will be masqueraded by the firewall with its address (**192.168.1.254**) on the local LAN (**eth0**, **192.168.1.0/ | ||
- | In '' | + | In **/ |
< | < | ||
Line 47: | Line 47: | ||
</ | </ | ||
- | In '' | + | For Shorewall 5 we nedd a line in **/ |
+ | |||
+ | < | ||
+ | # | ||
+ | SNAT(192.168.1.254) | ||
+ | </ | ||
+ | |||
+ | Shorewall 4 instead requires a line in **/ | ||
< | < | ||
Line 54: | Line 61: | ||
</ | </ | ||
- | In '' | + | In **/ |
< | < | ||
Line 63: | Line 70: | ||
</ | </ | ||
+ | Mapping different port from outside to inside is handled only in **/ | ||
===== Shorewall with router in local LAN ===== | ===== Shorewall with router in local LAN ===== | ||
doc/appunti/linux/sa/iptables.txt · Last modified: 2020/11/23 15:28 by niccolo