Make CentOS 6.x a port forwarding NAT device


Try adding this rule to your /etc/sysconfig/iptables right after -A PREROUTING -p tcp -d 192.168.21.10 --dport 5500 -j DNAT --to 192.168.9.120:3389:

-A POSTROUTING -d 192.168.9.120 -j MASQUERADE

Second, check whether net.ipv4.ip_forward is set to 1 by executing 'sysctl -a | grep net.ipv4.ip_forward'

If it's still set to 0, execute:

sysctl -w net.ipv4.ip_forward=1
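The answer above gives the missing piece (a POSTROUTING rule in the nat table) but not the whole picture. Two things trip people up on a stock CentOS 6 box: the POSTROUTING line has to sit in the *nat section of /etc/sysconfig/iptables, and DNATed packets are routed, so they traverse the FORWARD chain, not INPUT or OUTPUT (an OUTPUT rule on --sport 5500 never sees them), and the default `-A FORWARD -j REJECT --reject-with icmp-host-prohibited` drops them unless you add an explicit accept. The script below is an added example, not the answerer's or the asker's code: it renders a complete iptables-save ruleset for the topology in the question, narrows the MASQUERADE to the forwarded flow only (so the host does not become a general-purpose NAT by accident), restricts FORWARD to the exact mapped tuple, and makes ip_forward persistent. Interface names and addresses are taken from the question; the client subnet 192.168.21.0/24, the SSH management rule and the REJECT defaults are assumptions for illustration.

```shell
#!/bin/sh
# Added example for the question above, not the answer's own code. Interface
# names and addresses come from the question; the client network, the SSH
# management rule and the REJECT defaults are assumptions for illustration.
# Usage:  sh nat-forward.sh        -> print the ruleset
#         sh nat-forward.sh apply  -> (as root) enable forwarding and load it

INSIDE_IF=eth1              # interface the RDP clients reach (192.168.21.10)
OUTSIDE_IF=eth0             # interface facing the RDP server (192.168.9.20)
LISTEN_IP=192.168.21.10     # address clients connect to
LISTEN_PORT=5500            # port clients connect to
TARGET_IP=192.168.9.120     # real RDP server
TARGET_PORT=3389            # real RDP port
CLIENT_NET=192.168.21.0/24  # assumption: only this subnet may use the forward

# Emit the complete ruleset in /etc/sysconfig/iptables (iptables-save) format.
# Both tables are needed: a DNAT rule alone is not enough, because the
# rewritten packets are routed and therefore pass through FORWARD (not INPUT
# or OUTPUT), and the server's replies must be pulled back through this host.
render_rules() {
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Rewrite the destination of connections to ${LISTEN_IP}:${LISTEN_PORT}.
-A PREROUTING -i ${INSIDE_IF} -p tcp -d ${LISTEN_IP} --dport ${LISTEN_PORT} -j DNAT --to-destination ${TARGET_IP}:${TARGET_PORT}
# Source-NAT only the forwarded flow (POSTROUTING sees the post-DNAT address
# and port) so the server answers this host instead of routing to the client
# directly. The server will log ${OUTSIDE_IF}'s address, not the client's;
# "-j SNAT --to-source 192.168.9.20" gives the same effect with a fixed IP.
-A POSTROUTING -o ${OUTSIDE_IF} -p tcp -s ${CLIENT_NET} -d ${TARGET_IP} --dport ${TARGET_PORT} -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
# Assumption: the box is managed over SSH; without this you lock yourself out.
-A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
# Forwarded traffic: allow replies, then only the mapped tuple, then reject.
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i ${INSIDE_IF} -o ${OUTSIDE_IF} -p tcp -s ${CLIENT_NET} -d ${TARGET_IP} --dport ${TARGET_PORT} -m state --state NEW -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Turn on routing now and keep it across reboots via /etc/sysctl.conf.
enable_forwarding() {
    sysctl -w net.ipv4.ip_forward=1
    if grep -q '^net.ipv4.ip_forward' /etc/sysctl.conf; then
        sed -i 's/^net.ipv4.ip_forward.*/net.ipv4.ip_forward = 1/' /etc/sysctl.conf
    else
        echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
    fi
}

# Replace the running ruleset atomically, then persist it the CentOS 6 way.
apply_rules() {
    render_rules | iptables-restore
    service iptables save
}

case "${1:-}" in
    apply) enable_forwarding && apply_rules ;;
    *)     render_rules ;;
esac
```

`iptables-restore` replaces every table, so review the printed ruleset first and make sure the management rule matches how you actually reach the box. If the RDP server's logs need to show the real client address instead of 192.168.9.20, drop the POSTROUTING rule and instead give the server a route for 192.168.21.0/24 via 192.168.9.20; the FORWARD rules stay the same.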

Author: Andy Arismendi

Updated on September 18, 2022

Comments

  • Andy Arismendi
    Andy Arismendi over 1 year

    I would like to make CentOS a port forwarding NAT machine using iptables. This is the first time I've tried this and I think I might need a little help.

    This is the configuration I'm trying to achieve. I'm trying to make a remote desktop connection through the CentOS machine on port 5500 and have CentOS connect to the server on port 3389.


    192.168.21.11 is the client that should connect to port 3389 on 192.168.9.120 by connecting to 192.168.21.10 (CentOS) on port 5500.

    • CentOS eth0 is 192.168.9.20/24
    • CentOS eth1 is 192.168.21.10/24

    What I tried so far:

    1. Disabled SELinux
    2. Enabled IPv4 forwarding in /etc/sysctl.conf

      /etc/sysctl.conf
      net.ipv4.ip_forward = 1
      
    3. Ran the following iptables commands

      # nat table: rewrite the destination of connections to 192.168.21.10:5500
      iptables -t nat -A PREROUTING -p tcp -d 192.168.21.10 --dport 5500 -j DNAT --to 192.168.9.120:3389
      # filter table: accept new connections arriving on eth1 for port 5500
      iptables -A INPUT -i eth1 -p tcp --dport 5500 -m state --state NEW,ESTABLISHED -j ACCEPT
      # filter table: accept locally generated replies leaving eth0 from port 5500
      iptables -A OUTPUT -o eth0 -p tcp --sport 5500 -m state --state ESTABLISHED -j ACCEPT
      # persist the running ruleset to /etc/sysconfig/iptables
      service iptables save
      

    After saving this configuration I was not able to make the remote desktop connection I'm trying to achieve, so is there anything wrong with my iptables rules? Or is there something I might be missing?

  • user9517
    user9517 almost 11 years
    -I is better than -A in most cases and especially when you don't know the full ruleset.
  • Andy Arismendi
    Andy Arismendi almost 11 years
    Ah needed the masquerade :) iptables -t nat -A POSTROUTING -d 192.168.9.120 -j MASQUERADE worked. Also iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE worked. Thanks for the help!