Hi all,

I'm looking for some help with an iptables setup I have at my house. I have a cable connection with 5 static IP addresses and am running Ubuntu 12.04 on a box with 2 NIC cards. The cable modem is not acting as a firewall or anything. The modem is plugged into eth0 and the local LAN into eth1. I have a source NAT rule that sends all traffic out one address. It is as follows.

Code:
-A POSTROUTING -s 10.10.1.0/24 -o eth0 -j SNAT --to-source X.X.X.5

The default rules are set to ALLOW for forward and output in the filter table and DROP for input. (I have tried changing this to ALLOW with no success.)

I want to be able to see services I am hosting on the other addresses X.X.X.1 - X.X.X.4 from the fifth address. So far I have just put in host file entries on my development machine to go to the right place, and I can't keep doing this. I would think this is possible since it never needs to leave my system.

Let me know your thoughts...

Thanks,

On my VPN server I also need to forward ports to given VPN IPs, and I use stuff like this:

Code:
# squid
iptables -t nat -A PREROUTING -i eth0 -d aa.bb.cc.dd -p tcp --dport 3128 -j DNAT --to 10.8.0.xx
iptables -t nat -A PREROUTING -i eth0 -d aa.bb.cc.dd -p udp --dport 3128 -j DNAT --to 10.8.0.x
iptables -A FORWARD -m state --state NEW,ESTABLISHED,RELATED -i eth0 -p tcp --dport 3128 -j ACCEPT
iptables -A FORWARD -m state --state NEW,ESTABLISHED,RELATED -i eth0 -p udp --dport 3128 -j ACCEPT
# 10.8.0.x is my vpn network
iptables -t nat -A POSTROUTING -o eth0 -s 10.8.0.0/24 -j SNAT --to aa.bb.cc.dd
##### Connect the tun devices (for vpn, you probably don't need that but maybe you need to replace tun with eth0...)
iptables -A FORWARD -i tun+ -j ACCEPT
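
The setup discussed in this thread, worked as an added example that is not from either poster: DNAT rules restricted with `-i eth0` never match packets arriving from the LAN on eth1, so reaching a public address from inside needs an unrestricted DNAT plus a hairpin SNAT. It assumes the services run on LAN hosts behind the router; the router LAN address, the 203.0.113.x public addresses and the server addresses are constructed placeholders.

```shell
#!/bin/sh
# Added example: print iptables-restore rules for hairpin NAT (NAT reflection).
# From the thread: LAN 10.10.1.0/24 on eth1. Assumed or constructed: the router's
# LAN address, the 203.0.113.x public addresses, and the LAN servers behind them.
LAN_NET="10.10.1.0/24"
LAN_IF="eth1"
ROUTER_LAN_IP="10.10.1.1"

# One mapping per line: public_ip proto port lan_server (constructed sample)
MAPPINGS="203.0.113.1 tcp 80 10.10.1.20
203.0.113.2 tcp 443 10.10.1.21"

# Shape check only, so that nothing but dotted quads reaches the rule text.
valid_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}

# Print the two nat-table rules for one mapping; return 1 on bad input.
nat_rules() {
    pub=$1 proto=$2 port=$3 srv=$4
    valid_ipv4 "$pub" && valid_ipv4 "$srv" || return 1
    case "$proto" in tcp|udp) ;; *) return 1 ;; esac
    case "$port" in ''|*[!0-9]*) return 1 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1
    # No "-i eth0": the rule must also match packets that arrive on eth1.
    echo "-A PREROUTING -d $pub -p $proto --dport $port -j DNAT --to-destination $srv"
    # Hairpin: LAN client to LAN server through the router. Rewriting the source
    # makes the server reply via the router instead of directly to the client.
    echo "-A POSTROUTING -s $LAN_NET -d $srv -o $LAN_IF -p $proto --dport $port -j SNAT --to-source $ROUTER_LAN_IP"
}

# Print a complete *nat section; the FORWARD policy in the thread is already
# permissive, so no filter-table rules are emitted here.
ruleset() {
    echo "*nat"
    echo "$MAPPINGS" | while read -r pub proto port srv; do
        nat_rules "$pub" "$proto" "$port" "$srv" || exit 1
    done || return 1
    echo "COMMIT"
}

ruleset
```

Review the printed rules, then load them with `ruleset | iptables-restore --noflush`. With the hairpin SNAT in place, the LAN servers log the router's address rather than the real client's for connections that take this path.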