

The accepted solution works when the destination host and the gateway are on the same subnet (as in your case, both are on eth0 192.168.1.0/24).

Below is a generic solution for when the gateway, source and destination are all on different subnets.

1) Enable IP forwarding: sysctl 0.forwarding=1

2) Add 2 iptables rules to forward a specific TCP port:

I thought this might save someone time on their respective router. The use of the script is simple: just copy and paste it to a file and then.

# add the forwarding rules
iptables -t nat -A POSTROUTING -p tcp -m tcp -s $dest_addr_lan --sport $dest_port_lan -j SNAT --to-source $wan_addr
iptables -A FORWARD -m state -p tcp -d $dest_addr_lan --dport $dest_port_lan --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A PREROUTING -p tcp -m tcp -d $wan_addr --dport $dest_port_wan -j DNAT --to-destination $dest_addr_lan:$dest_port_lan

# remove the same rules (-D mirrors each -A above)
iptables -t nat -D POSTROUTING -p tcp -m tcp -s $dest_addr_lan --sport $dest_port_lan -j SNAT --to-source $wan_addr
iptables -D FORWARD -m state -p tcp -d $dest_addr_lan --dport $dest_port_lan --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -D PREROUTING -p tcp -m tcp -d $wan_addr --dport $dest_port_wan -j DNAT --to-destination $dest_addr_lan:$dest_port_lan

read -p "Does everything look correct? " -n 1 -r

# auto fill our dest lan port if we need to
echo "Destination LAN Address: $dest_addr_lan"
echo "Destination Port WAN: $dest_port_wan"
echo "Destination Port LAN: $dest_port_lan"

It automatically infers the WAN IP and confirms your selections before proceeding.

I have created the following bash script for doing this on my Linux router.
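
Separately from the poster's script, an added example that is not part of the original posts: a POSIX shell function that validates the addresses and ports and then prints, rather than runs, the same three rules for review, so that nothing unchecked reaches iptables as root. The function names and sample addresses are constructed; the rule text mirrors the rules quoted above.

```sh
#!/bin/sh
# Added example: prints (does not run) the rules for one TCP port forward.
# Function names and sample addresses are constructed for illustration.

valid_port() {    # decimal integer in 1..65535
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {    # four dot-separated octets, each 0..255
    case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# usage: port_forward_rules -A|-D WAN_ADDR WAN_PORT LAN_ADDR [LAN_PORT]
port_forward_rules() {
    action=$1 wan_addr=$2 wan_port=$3 lan_addr=$4
    lan_port=${5:-$wan_port}    # LAN port defaults to the WAN port
    case "$action" in
        -A|-D) ;;
        *) echo "action must be -A or -D" >&2; return 2 ;;
    esac
    valid_ipv4 "$wan_addr" && valid_ipv4 "$lan_addr" ||
        { echo "invalid IPv4 address" >&2; return 2; }
    valid_port "$wan_port" && valid_port "$lan_port" ||
        { echo "invalid TCP port" >&2; return 2; }
    # DNAT: packets for the WAN address and port go to the LAN host
    echo "iptables -t nat $action PREROUTING -p tcp -m tcp -d $wan_addr --dport $wan_port -j DNAT --to-destination $lan_addr:$lan_port"
    # FORWARD: accept the translated connection
    echo "iptables $action FORWARD -m state -p tcp -d $lan_addr --dport $lan_port --state NEW,ESTABLISHED,RELATED -j ACCEPT"
    # SNAT: traffic from the LAN host's service port leaves as the WAN address
    echo "iptables -t nat $action POSTROUTING -p tcp -m tcp -s $lan_addr --sport $lan_port -j SNAT --to-source $wan_addr"
}

# Constructed sample (documentation address ranges); output is for review only.
port_forward_rules -A 203.0.113.10 8080 192.168.1.50 80
```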
