source: lab.git/iptables/ufw/nat.rules @ c8daa69

trunk
Last change on this file since c8daa69 was 71b798c, checked in by mitty <mitty@…>, 15 years ago
  • NEW setfilter now sets nat table
    • this feature clashes with setnapt.sh because both of them reset nat table
    • do not use them (setfilter and setnapt.sh) at the same same time
  • accept connections to local services from WAN
    • ACCEPT and REDIRECT examples

git-svn-id: https://lab.mitty.jp/svn/lab/trunk@13 7d2118f6-f56c-43e7-95a2-4bb3031d96e7

  • Property mode set to 100644
File size: 535 bytes
Line 
1#
2# This file is used by /etc/init.d/setfilter
3#
4# Rules that should be stored in nat table.
5# These are mainly used to IP MASQUERADE and REDIRECT.
6
7
8*nat
9
10## IP MASQUERADE to WAN(eth1)
11-A POSTROUTING -o eth1 -j MASQUERADE
12
13## port REDIRECT to local services
14# 8443/tcp -> 443/tcp
15-A PREROUTING -p tcp --dport 8443 -j REDIRECT --to-port 443
16# WAN 8000/tcp -> 443/tcp
17-A PREROUTING -p tcp -i eth1 --dport 8000 -j REDIRECT --to-port 443
18# LAN 8000/tcp -> 22/tcp
19-A PREROUTING -p tcp -i eth0 --dport 8000 -j REDIRECT --to-port 22
20
21COMMIT
Note: See TracBrowser for help on using the repository browser.