Hello everybody!!
Today I'll configure a Linux router with NAT using iptables, plus a simple port redirection. NAT helps protect our network by translating local network IP addresses to another IP, changing the source IP in the packet headers.
The scenario is as follows:
- Client: eth0 192.168.1.50/24
- Server: eth0 10.1.1.2/8 default gateway 10.1.1.1
- Router: eth0 192.168.1.101/24 eth1 10.1.1.1/8
The iptables options used:
- -A : add a rule to iptables.
- -L : list the rules of the specified table (the default table is filter).
- -t : specify the table (in this case nat).
- -o : outgoing traffic interface.
- -i : incoming traffic interface.
- -p : set the protocol for a rule.
- -m : load a specific module.
- --dport : the destination port number.
NAT with iptables
Installing and enabling NAT in the Router:
# yum install iptables
Enable routing:
# echo 1 > /proc/sys/net/ipv4/ip_forward
# vi /etc/sysctl.conf
Add the iptables rule to masquerade all routed traffic:
# iptables -A POSTROUTING -o eth0 -t nat -j MASQUERADE
Configuring port redirections
For example, add a port redirection for ssh to the server:
Add the rule:
# iptables -A PREROUTING -t nat -m tcp -p tcp --dport 22 -i eth0 -j DNAT --to-destination 10.1.1.2
To see the iptables rules that we configured:
# iptables -L -t nat
To test from the client, I'll connect over ssh to the server:
# ssh [email protected]
To save our iptables rules, add them to /etc/sysconfig/iptables.
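What that file could contain for this scenario, as an added example that is not part of the original post: the two nat rules above in iptables-save format, generated from validated arguments. The filter section is an addition beyond the post (with ip_forward enabled the router forwards everything unless FORWARD is restricted), and all function and argument names are chosen for this example.

```shell
# Added example, not from the original post. Function and argument names
# are chosen for this example.

# Succeed only for a dotted quad with every octet in 0-255.
valid_ipv4() {
    case $1 in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Succeed only for a TCP port number in 1-65535.
valid_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ ${#1} -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Succeed only for a plain interface name such as eth0.
valid_ifname() {
    case $1 in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac
}

# nat_ruleset WAN_IF LAN_IF SERVER_IP PORT
# Print the ruleset on stdout; print nothing and return 1 on bad input.
nat_ruleset() {
    wan_if=$1 lan_if=$2 server_ip=$3 port=$4
    valid_ifname "$wan_if" && valid_ifname "$lan_if" &&
        valid_ipv4 "$server_ip" && valid_port "$port" || return 1
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i $wan_if -p tcp -m tcp --dport $port -j DNAT --to-destination $server_ip
-A POSTROUTING -o $wan_if -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i $wan_if -o $lan_if -d $server_ip -p tcp -m tcp --dport $port -j ACCEPT
-A FORWARD -i $lan_if -o $wan_if -j ACCEPT
COMMIT
EOF
}
```

As root, `nat_ruleset eth0 eth1 10.1.1.2 22 | iptables-restore --test` parses the output without committing it.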
And voilà! We have a simple network with NAT, and we can add all the redirections that we want.
Good Bye!!