[H-GEN] fowarding port 80
David Jericho
davidj at diskpig.org
Mon Mar 18 20:44:48 EST 2002
[ Humbug *General* list - semi-serious discussions about Humbug and ]
[ Unix-related topics. Please observe the list's charter. ]
[ Worthwhile understanding: http://www.humbug.org.au/netiquette.html ]
On Tue, Mar 19, 2002 at 10:57:56AM +1000, David Thorndike wrote:
> I have a debian router here and I want it to pass all port 80 requests
> through to another box on my internal network, Is this possible and if so,
> can anyone help me or suggest any good docs to help me get it working.
If you're using a 2.4 kernel with iptables, it's fairly simple.
/sbin/ iptables -t nat -A PREROUTING -p tcp --dport 80 \
-i <external interface> -j DNAT --to <internal webserver:internal webport>
That means, basically says, Address Translate all tcp packets destined
for port 80 on my external interface (regardless of ip) to be destined
for my internal webserver on its port, before any route finding is done.
PREROUTING chain (the -A PREROUTING bit) says to process this packet
after processing the INPUT chain (first thing processed), but before the
kernel makes up its mind as to where the packet is destined.
There is plenty more info on both ipchains (the old way), and iptables
(The New Way(tm)) at http://www.netfilter.org/
--
David Jericho
--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.
More information about the General
mailing list