Firewall Wizards mailing list archives
Re: Nat+Port Forwarding
From: "Amiel David" <damiel () iname com>
Date: Fri, 14 Mar 2003 19:05:49 +0100
A command like this would be sufficient : iptables -t nat -A PREROUTING -p tcp --dport 3389 -i ppp0 -j DNAT --to X.X.X.X (priv8 ip of your w2k) regards, David ----- Original Message ----- From: "Martin Schoeman" <martin () i-online co za> To: <firewall-wizards () honor icsalabs com> Sent: Friday, March 14, 2003 9:03 AM Subject: [fw-wiz] Nat+Port Forwarding
Hi I have a W2K server on my internal LAN xxx.xxx.xxx.xxx (private ip) I am using iptables and need to connect from the outside to the W2K server using MS Terminal Service. I need to open and forward port 3389 TCP and UDP for this to work as far as I know This is what I came up with so far. *nat -A PREROUTING -p tcp -m tcp --dport 3389 -j DNAT --to-destination xxx.xxx.xxx.xxx -A POSTROUTING -o eth0 -j SNAT --to-source yyy.yyy.yyy.yyy(servers external card) p --dport 3389 -j DNAT --to-destination xxx.xxx.xxx.xxx *filter -A FORWARD -p tcp -m tcp --dport 3389 -j ACCEPT -A FORWARD -p udp -m udp --dport 3389 -j ACCEPT -A INPUT -p tcp -m tcp -s 0/0 --dport 3389 -j ACCEPT -A INPUT -p udp -m udp -s 0/0 --dport 3389 -j ACCEPT Any help would be much appreciated Martin Schoeman _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Nat+Port Forwarding Martin Schoeman (Mar 14)
- Re: Nat+Port Forwarding Amiel David (Mar 14)