Programming Wiki: iptablesNotes


Linux

Strange Rules
A strange instance I've used for forwarding output traffic to loopback
iptables -t nat -A OUTPUT -j DNAT --to-destination 127.0.0.1

Using the program fake to set up a fake interface eth0:0 with the same MAC address as eth0, for taking over a failed interface and looping all outgoing traffic back to self
iptables -t nat -A OUTPUT -o eth0:0 -j DNAT --to-destination 127.0.0.1

Attempting to forward VNC traffic
Getting the packets to the VNC server:
External: eth1 169.254.200.196
Internal: eth0 192.168.19.200
VNC Server: 192.168.2.200

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 5900 -j DNAT --to-destination 192.168.2.200:5900

It looks like this gets the packets to the server because VNC client waits for a while and then gives a timeout.
It needs the outgoing packets to look like they are coming from the firewall. This is the part that I think is causing this to not work...
iptables -t nat -A POSTROUTING -o eth1 -p tcp -j SNAT --to-source 169.254.200.196
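
An added example, not part of the original notes: a dry-run script that prints the rules a DNAT port forward like this one usually needs and reports whether IPv4 forwarding is on, the usual things to check when the client times out. It assumes the VNC server is reached through eth0 and may not route its replies back via the firewall (hence the SNAT on eth0); the function names are hypothetical.

```shell
#!/bin/sh
# Added example: prints the rules only, nothing is applied.
# Addresses and interfaces are the ones listed in the notes above.
EXT_IF=eth1
INT_IF=eth0
INT_IP=192.168.19.200
VNC_IP=192.168.2.200
VNC_PORT=5900

# Hypothetical helper: emit the rule set for the VNC port forward.
vnc_forward_rules() {
    # 1. Rewrite the destination of connections arriving on the external side.
    #    Conntrack reverses this translation on the reply packets by itself.
    echo "iptables -t nat -A PREROUTING -i $EXT_IF -p tcp --dport $VNC_PORT -j DNAT --to-destination $VNC_IP:$VNC_PORT"
    # 2. The filter table must let the translated connection through,
    #    limited to this one host and port, plus its return traffic.
    echo "iptables -A FORWARD -i $EXT_IF -o $INT_IF -p tcp -d $VNC_IP --dport $VNC_PORT -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A FORWARD -i $INT_IF -o $EXT_IF -p tcp -s $VNC_IP --sport $VNC_PORT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # 3. Assumption: the server's default route does not point at this box,
    #    so source-NAT on the internal side makes it reply to the firewall.
    echo "iptables -t nat -A POSTROUTING -o $INT_IF -p tcp -d $VNC_IP --dport $VNC_PORT -j SNAT --to-source $INT_IP"
}

# Hypothetical helper: report the kernel's IPv4 forwarding switch.
# Takes an optional file path so it can be checked against a sample file.
forwarding_state() {
    f=${1:-/proc/sys/net/ipv4/ip_forward}
    [ -r "$f" ] || { echo unknown; return 0; }
    case "$(cat "$f")" in
        1) echo enabled ;;
        0) echo disabled ;;
        *) echo unknown ;;
    esac
}

echo "IPv4 forwarding: $(forwarding_state)"
vnc_forward_rules
```

If forwarding reports disabled, the DNAT rule still matches but the kernel never routes the packet on to the server.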
