linux-packet-forwarding
Table of Contents
Linux Packet Forwarding
Basic outgoing masquerding script
#!/bin/bash network=192.168.3.0/24 ext_if=eth0 ext_ip=$(ip address show $ext_if | awk -F "[ /]" '/inet / { print $6 }') # Turn off forwarding echo 0 > /proc/sys/net/ipv4/ip_forward # Create NAT rule iptables -t nat -I POSTROUTING -s $network -o $ext_if -j SNAT --to-source $ext_ip # Create FW rules to allow traffic iptables -I FORWARD -s $network -j ACCEPT iptables -I FORWARD -m conntrack --ctstate ESTABLISHED -j ACCEPT # Turn on forwarding echo 1 > /proc/sys/net/ipv4/ip_forward
Incoming port forwarding
#!/bin/bash port=80 host=192.168.3.80 iptables -t nat -A PREROUTING -m tcp -p tcp --dport $port -j DNAT --to-destination $host:$port
linux-packet-forwarding.txt · Last modified: 2022/01/29 11:27 by baumi