Forwarding an IP from external to internal

I'm looking to forward traffic going to an external IP address to a local
IP address.

The rule I found to try this with is: iptables -t nat -A PREROUTING -p tcp
-d 207.176.140.17 -j DNAT --to-destination 192.168.2.33


Now I know very little about IPTables, but when I run this and then try to
connect to 207.176.140.17 it just goes to the machine the external IP is
on (I can tell cause one is running a webserver, and the other isn't).

Is there a preamble to this rule I missed? Have I done something
completely wrong?

Currently, IPTables just passes all traffic by default with no other rules.


Any help would be appreciated.


Chris

On Sunday 22 June 2003 01:10 , Chris Cameron wrote:

> I'm looking to forward traffic going to an external IP address to
> a local IP address.
>
> The rule I found to try this with is: iptables -t nat -A PREROUTING -p
> tcp -d 207.176.140.17 -j DNAT --to-destination 192.168.2.33
>
>
> Now I know very little about IPTables, but when I run this and then try
> to connect to 207.176.140.17 it just goes to the machine the external IP
> is on (I can tell cause one is running a webserver, and the other isn't).

You need to make sure that the traffic for 207.176.140.17 is
accepted by the Linux box on which the above rule is provisioned
otherwise this won't work.

You do this by assigning this IP address to the external
interface of the Linux box and removing the other machine which
currently uses this address from the ext. net. If the Linux
box' external interface has already another IP address, then
use an alias, eg.

ifconfig eth0:0 inet 207.176.140.17 netmask <your netmask here>

(assuming that eth0 is the external interface)


HTH

Ciao, Horst
--
»When pings go wrong (It hurts me too)« E.Clapton/E.James/P.Tscharn