iptables tips and tricks

From WebHostingNeeds.com

Port Redirects

Suppose you'd like to accommodate customers who aren't able to connect to port 25 through their ISP. This rule takes any traffic going to IP 10.1.1.1 (port 26) and sends it to IP 10.1.1.1 (port 25):

iptables -t nat -A PREROUTING -p tcp -m tcp -d 10.1.1.1 --dport 26 -j DNAT --to 10.1.1.1:25


Or you might need to use REDIRECT instead:

iptables -t nat -A PREROUTING -d 10.1.1.1 -p tcp --dport 26 -j REDIRECT --to-ports 25


NAT Masquerade

iptables -t nat -A POSTROUTING -s 10.10.10.0/24 ! -d 10.10.10.0/24 -j MASQUERADE
sysctl -w net.ipv4.ip_forward=1

Where 10.10.10.0 is the network you are masquerading for.
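
Because -A appends a rule every time it runs, re-running the commands above (for example from a boot script) stacks duplicate NAT rules. The following is an added example, not part of the original page: it applies the REDIRECT and MASQUERADE rules only when `iptables -C` reports they are missing, and rejects invalid ports. The helper names and the IPT variable are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original page). IPT, ensure_rule, valid_port,
# redirect_port and masquerade_net are hypothetical helper names.
IPT="${IPT:-iptables}"   # override to point at a wrapper or a test stub

# Append a rule only if an identical one is not already present.
# "iptables -C" exits 0 when the exact rule exists in the chain.
ensure_rule() {
    table=$1 chain=$2
    shift 2
    if $IPT -t "$table" -C "$chain" "$@" 2>/dev/null; then
        return 0
    fi
    $IPT -t "$table" -A "$chain" "$@"
}

# Accept only decimal ports in the range 1-65535.
valid_port() {
    case $1 in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# redirect_port IP FROM_PORT TO_PORT: the page's REDIRECT rule.
redirect_port() {
    valid_port "$2" && valid_port "$3" || { echo "bad port" >&2; return 2; }
    ensure_rule nat PREROUTING -d "$1" -p tcp --dport "$2" \
        -j REDIRECT --to-ports "$3"
}

# masquerade_net CIDR: the page's MASQUERADE rule for one internal network.
masquerade_net() {
    ensure_rule nat POSTROUTING -s "$1" ! -d "$1" -j MASQUERADE
}

# Run as root with the argument "apply" to install the page's rules.
if [ "${1:-}" = "apply" ]; then
    redirect_port 10.1.1.1 26 25
    masquerade_net 10.10.10.0/24
    sysctl -w net.ipv4.ip_forward=1
fi
```

Afterwards, `iptables -t nat -S` lists the installed rules so you can confirm each appears exactly once.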
