Subj : Re: HTTP SERVER ON FORWARDED MACHINE
To   : comp.os.linux.networking,comp.os.linux,comp.os.linux.redhat,comp.os.linux.security,comp.os.linux.misc
From : John-Paul Stewart
Date : Mon Aug 23 2004 02:56 pm

JoeAley2003 wrote:
> Hi all...
> 
> 
>  I have a redhat linux 9 connected to the internet and 1 computer that
> receives internet forwarded from the linux.
> 
>  What i need is to run a valid on internet http server on this
> forwarded computer where i run apache on port 80.

Use these as a starting point:

iptables -A FORWARD -s 0.0.0.0/0 -d $IP_INTERNET -p tcp \
    --destination-port 80 -j ACCEPT

iptables -t nat -A PREROUTING -d $IP_INTERNET -j DNAT \
     --to-destination <local-ip-address>

iptables -t nat -A POSTROUTING -o $IFACE_INTERNET \
     -s <local-ip-address> -j SNAT --to-source $IP_INTERNET

Those will almost certainly need some modification to suit your 
situation.  They're based on my setup where externally visible machines 
get 1-1 NATed, since I have more than one publically visible IP address. 
  But the idea should get you started.  Note that local-ip-address 
refers to the address of the machine running Apache, *not* the local 
address of the machine running iptables.

.