Subj : Re: IPTables forwarding rule
To   : alt.linux,alt.os.linux,comp.os.linux,aus.computers.linux
From : Black Adder
Date : Wed Jul 21 2004 10:01 pm

I had a client similar to that too. I threw in an IPCOP box for them, and
took out the firewall

--
----------------------------------------------------------------------------
"It's all coming back to me now", said the blind man as he peed into the
wind

"Harry Phillips" wrote in message
news:i7p1t1-n1u.ln1@free.teranews.com...
> I have a client with a firewall device that has a limited interface to
> iptables (I cannot ssh into it either). All you can do is forward a port
> to another IP address, you can't restrict it to a certain source IP.
>
> I have set it up to forward port 22 to my Linux box, that then has
> IPTables to accept anything local and drop everything else except my
> ADSL modem IP.
>
> Now I want to do a similar thing except forward the packets to another
> internal host. I have no idea where to start and what rules to use. The
> setup is:
>
>                  _____________________
>                 | (firewall device)   |     |---> |192.168.1.50|
> internet <----> |ext_ip 192.168.1.254| <---|---> |192.168.1.1 |
>                 |_____________________|     |---> |192.168.1.x |
>
>
> I want the Linux box (192.168.1.1) to forward port x to 192.168.1.50,
> but only if the source is my ADSL modem IP.
>
> Do I use the NAT and PREROUTING, POSTROUTING, FORWARD? I have examples
> from the Internet if the Linux box and the host it is forwarding to are
> on different networks but not when they are on the same network.
>
> --
> Regards,
> Harry Phillips
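
One way to build the rules the quoted question asks about, as an added example that is not part of the original thread: DNAT in PREROUTING limited to one source address, matching FORWARD rules, and an SNAT in POSTROUTING so that a target on the same subnet replies through the Linux box instead of straight to its default gateway. The helpers gen_forward_rules, is_ipv4 and is_port are hypothetical names, 203.0.113.10 and port 8080 are constructed placeholders for the ADSL modem IP and "port x", and the firewall device is assumed to pass the original source address through, as the quoted post implies.

```shell
#!/bin/sh
# Added example: print (not apply) iptables rules for a source-restricted
# port forward between two hosts on the same subnet.

# Succeeds only for a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF == 4 { for (i = 1; i <= 4; i++)
                      if ($i !~ /^[0-9]+$/ || $i > 255) exit 1
                  exit 0 }
        { exit 1 }'
}

# Succeeds only for a TCP port number in 1..65535.
is_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gen_forward_rules SRC_IP PORT LINUX_BOX_IP TARGET_IP
# Writes the rule set to stdout so it can be reviewed before being run as root.
gen_forward_rules() {
    src=$1 port=$2 gw=$3 dst=$4
    is_ipv4 "$src" && is_ipv4 "$gw" && is_ipv4 "$dst" && is_port "$port" || {
        echo "usage: gen_forward_rules SRC_IP PORT LINUX_BOX_IP TARGET_IP" >&2
        return 1
    }
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -p tcp -s $src -d $gw --dport $port -j DNAT --to-destination $dst:$port
iptables -A FORWARD -p tcp -s $src -d $dst --dport $port -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -p tcp -s $dst -d $src --sport $port -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -p tcp -s $src -d $dst --dport $port -j SNAT --to-source $gw
EOF
}

# Constructed usage (placeholders for the modem IP and the port):
#   gen_forward_rules 203.0.113.10 8080 192.168.1.1 192.168.1.50
```

Because of the SNAT rule, 192.168.1.50 sees every forwarded connection as coming from 192.168.1.1, so the source restriction and any logging of the real client address have to live on the Linux box.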