I am trying to build a router from Ubuntu 12.04. What I am trying to do is, by using 1 public IP (100.0.0.100) and tons of local IPs like 10.0.0.0/16, to map each port to one IP, like:
100.0.0.100:5678 <-> 10.0.0.5:80 // http://100.0.0.100:5678 should bring me web server on 10.0.0.5
100.0.0.100:6789 <-> 10.0.0.6:8080
100.0.0.100:7890 <-> 10.0.0.7:22
....
What I did is: I built the NAT rules like below (assuming that this accepts packets from eth0 and forwards them through eth1):
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE
iptables --append FORWARD --in-interface eth0 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables-save
service ufw restart
And then tried these commands:
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j DNAT --to 213.128.88.2:80
iptables -A INPUT -p tcp -m state --state NEW --dport 80 -i eth0 -j ACCEPT
I tested this by trying to open the web site with the IP 192.168.0.36 (which is the Ubuntu server IP).
Additionally, the output of "iptables -t nat -L" is:
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DNAT tcp -- anywhere anywhere tcp dpt:http to:213.128.88.2:80
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- anywhere anywhere
What I tried is to use iptables with various NAT rules, but I cannot achieve this. How can I achieve this?
Thanks in advance, Baris
Assuming you have the NAT itself set up and working (there are about a million tutorials for that), port forwarding is just a normal rule, e.g.
Lather, rinse, and repeat for every port you want to forward somewhere.
To set up the NAT itself, do something like this:
(Assuming eth1 is your local network and eth0 is your internet connection.) Then add the port forwarding commands.
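An added example, not part of the answer above or written by its author: a generator that turns the question's port table into one DNAT rule plus one narrowly scoped FORWARD rule per mapping, so that only the forwarded ports are reachable instead of a blanket `FORWARD -i eth0 -j ACCEPT`. The names `PUB_IF`, `PUB_IP`, `gen_rules`, `valid_port` and the "public_port internal_ip:port" map format are assumptions made for this sketch; the script only prints commands and changes nothing.

```shell
#!/bin/sh
# Added example: print (never execute) iptables commands for a port-forward table.
PUB_IF=eth0            # internet-facing interface, as assumed in the question
PUB_IP=100.0.0.100     # public address from the question

# True only for a decimal port number in 1..65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Reads "public_port internal_ip:internal_port" lines on stdin.
# Prints a DNAT rule and a matching FORWARD rule for each valid line.
# Returns 1 if any line was rejected, so a bad table is noticed.
gen_rules() {
    rc=0
    while read -r pub dest; do
        case "$pub" in ''|'#'*) continue ;; esac      # skip blanks and comments
        ip=${dest%:*}; port=${dest##*:}
        # Coarse check that the target looks like an address in 10.0.x.x,
        # so a rule cannot point at an arbitrary outside host.
        if ! valid_port "$pub" || ! valid_port "$port" ||
           ! printf '%s\n' "$ip" | grep -Eq '^10\.0(\.[0-9]{1,3}){2}$'; then
            echo "skipping invalid mapping: $pub $dest" >&2
            rc=1; continue
        fi
        echo "iptables -t nat -A PREROUTING -i $PUB_IF -d $PUB_IP -p tcp --dport $pub -j DNAT --to-destination $ip:$port"
        # FORWARD sees the packet after DNAT, so match the internal ip and port.
        echo "iptables -A FORWARD -i $PUB_IF -d $ip -p tcp --dport $port -m state --state NEW -j ACCEPT"
    done
    return $rc
}

# Constructed sample table: the three mappings listed in the question.
SAMPLE_MAP='5678 10.0.0.5:80
6789 10.0.0.6:8080
7890 10.0.0.7:22'

if [ "${1:-}" = "--print" ]; then
    # Replies for already-accepted connections need one stateful rule.
    echo "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    printf '%s\n' "$SAMPLE_MAP" | gen_rules
fi
```

Run it with `--print` to review the generated rules before applying any of them; a mapping such as `80 213.128.88.2:80` is rejected because the target is outside the internal range.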