Linux Forums - Linux Help,Advice & support community:LinuxSolved.com
Network Troublshooting => General Networking Support in Linux => Topic started by: vlinux1 on January 10, 2007, 02:55:02 PM
-
Hi All,
I have DNS,MAIl,WEB server and want to give access on Internet using NAT
what i need to do. please help me about this.
Thanks in advance
Vijay
-
Means U wana access these servers through internet...???
I m not getting u, plz elobrate
Gaurav
-
Kindly elaborate your requirements more clearly.
-
Hi Gaurav & Ricky
First Thanks for u r quick reply.
I have wan ip and i want to give access of these servers on Internet.
I want script that i can keep my servers secure from outside network (WAN)
and user must get access to these (Mail,HTTP,DNS) services from Internet.
I want to give private ip address to all these servers.
Is it possible through Iptables and how to do that please explain me.
and thanks again for your earliest reply
Thanks in advance
Vijay
-
You actually need port forwarding to internal network for few services.
For that just install servers on any internal machine and then only enable requried ports ..
# this one is to redirect request on specific port to internal machine
/sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d xxx.xxx.xxx.xxx
--dport 6401 -j DNAT --to yyy.yyy.yyy.yyy:6401
# this is to accept the replies
/sbin/iptables -A FORWARD -p tcp -i eth0 -d yyy.yyy.yyy.yyy --dport 6401 -j ACCEPT
ie. for HTTP enable port 80 internal forwarding and for mail pop and smtp its 25 and 110 ..
and so on.
-
Hi Ricky & Gaurav
Thanks for replying i was some busy.
I checked your script but i want to configure Firewall and want to forward any request from WAN to (HTTP,DNS,MAIL) servers.
Suppose i configure DNS 192.168.x.x, Mail 192.168.x.x and Httpd 192.168.x.x then what i want to do on Firewall.
I thin you did this for your network also please help me if you have any good script to do this all.
Thanks in Advance
Vijay
-
you just modify above code according to your need ie. ip and port and implement.
I have not used it as I never required but once I used for testing.