X-Git-Url: http://lab.mitty.jp/git/?a=blobdiff_plain;f=iptables%2Fufw%2Fnat.rules;fp=iptables%2Fufw%2Fnat.rules;h=ce375a18d4e435e6c0f798144bb7c9a50b265203;hb=71b798cb5d5acf287fe80c4c343c6fe703e19c0c;hp=0000000000000000000000000000000000000000;hpb=49996391c0a72e72d2f07c9959e94f6036d621bb;p=lab.git

diff --git a/iptables/ufw/nat.rules b/iptables/ufw/nat.rules
new file mode 100644
index 0000000..ce375a1
--- /dev/null
+++ b/iptables/ufw/nat.rules
@@ -0,0 +1,21 @@
+#
+# This file is used by /etc/init.d/setfilter
+#
+# Rules that should be stored in nat table.
+# These are mainly used to IP MASQUERADE and REDIRECT.
+
+
+*nat
+
+## IP MASQUERADE to WAN(eth1)
+-A POSTROUTING -o eth1 -j MASQUERADE
+
+## port REDIRECT to local services
+# 8443/tcp -> 443/tcp
+-A PREROUTING -p tcp --dport 8443 -j REDIRECT --to-port 443
+# WAN 8000/tcp -> 443/tcp
+-A PREROUTING -p tcp -i eth1 --dport 8000 -j REDIRECT --to-port 443
+# LAN 8000/tcp -> 22/tcp
+-A PREROUTING -p tcp -i eth0 --dport 8000 -j REDIRECT --to-port 22
+
+COMMIT