Last change
on this file since 13 was
13,
checked in by mitty, 15 years ago
|
- NEW setfilter now sets nat table
- this feature clashes with setnapt.sh because both of them reset nat table
- do not use them (setfilter and setnapt.sh) at the same same time
- accept connections to local services from WAN
- ACCEPT and REDIRECT examples
|
File size:
535 bytes
|
Line | |
---|
1 | # |
---|
2 | # This file is used by /etc/init.d/setfilter |
---|
3 | # |
---|
4 | # Rules that should be stored in nat table. |
---|
5 | # These are mainly used to IP MASQUERADE and REDIRECT. |
---|
6 | |
---|
7 | |
---|
8 | *nat |
---|
9 | |
---|
10 | ## IP MASQUERADE to WAN(eth1) |
---|
11 | -A POSTROUTING -o eth1 -j MASQUERADE |
---|
12 | |
---|
13 | ## port REDIRECT to local services |
---|
14 | # 8443/tcp -> 443/tcp |
---|
15 | -A PREROUTING -p tcp --dport 8443 -j REDIRECT --to-port 443 |
---|
16 | # WAN 8000/tcp -> 443/tcp |
---|
17 | -A PREROUTING -p tcp -i eth1 --dport 8000 -j REDIRECT --to-port 443 |
---|
18 | # LAN 8000/tcp -> 22/tcp |
---|
19 | -A PREROUTING -p tcp -i eth0 --dport 8000 -j REDIRECT --to-port 22 |
---|
20 | |
---|
21 | COMMIT |
---|
Note: See
TracBrowser
for help on using the repository browser.