Posted on December 27th, 2007 by linux
Lets say that we would like to do port forwarding from our network interface eth0 on port 23 (telnet) to socket 10.0.0.1:23 (ip address:port):
iptables -t nat -I PREROUTING -p tcp -i eth0 –dport 111 -j DNAT –to 10.0.0.1:23
other example:
to do port forward from eth0 on port 456 to 192.168.0.1:788
iptables -t nat -I PREROUTING -p tcp [...]
Filed under: Administration, Networks, Security | No Comments »
Posted on December 27th, 2007 by linux
Sharing internet connection with NAT (network address translation) can be easy as running commands:
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
where ppp0 is your external interface.
Filed under: Administration, Linux, Networks | No Comments »
Posted on December 26th, 2007 by linux
To block all outgoing traffic to the port 80 ( http, www, html ) use command:
iptables -A OUTPUT -p tcp –dport 80 -j DROP
To remove all iptables rules use command:
iptables -F
Sometimes you need to DROP all port 80 ( http, www, html ) traffic except certain IP address. In this case you ca run:
iptables -A [...]
Filed under: Administration, Linux, Networks, Security | No Comments »