Add NAT section to IPv4 rules
This commit is contained in:
parent
aed1e6f71a
commit
be35d537f9
|
@ -35,12 +35,13 @@
|
|||
# a host.
|
||||
#
|
||||
# Parts 1 and 3 of these rules are the same for each host, whilst part 2 can be
|
||||
# populated with rules specific to particular hosts.
|
||||
# populated with rules specific to particular hosts. The optional part 4 is
|
||||
# prepared for a NAT rules, e.g. for port forwarding, redirect, masquerade...
|
||||
#
|
||||
# This template is based on http://jdem.cz/v64a3 from University of Leicester
|
||||
#
|
||||
# @author Jakub Jirutka <jakub@jirutka.cz>
|
||||
# @version 1.2.1
|
||||
# @version 1.3
|
||||
# @date 2014-01-26
|
||||
#
|
||||
|
||||
|
@ -147,3 +148,26 @@
|
|||
-A INPUT -m limit --limit 1/second --limit-burst 100 -j LOG --log-prefix "iptables[DOS]: "
|
||||
|
||||
COMMIT
|
||||
|
||||
|
||||
###############################################################################
|
||||
# 4. HOST SPECIFIC NAT RULES #
|
||||
# #
|
||||
# Uncomment this section if you want to use NAT table, e.g. for port #
|
||||
# forwarding, redirect, masquerade... #
|
||||
###############################################################################
|
||||
|
||||
#*nat
|
||||
|
||||
# Base policy
|
||||
#:PREROUTING ACCEPT [0:0]
|
||||
#:POSTROUTING ACCEPT [0:0]
|
||||
#:OUTPUT ACCEPT [0:0]
|
||||
|
||||
# Redirect port 21 to local port 2121
|
||||
#-A PREROUTING -i eth0 -p tcp --dport 21 -j REDIRECT --to-port 2121
|
||||
|
||||
# Forward port 8080 to port 80 on host 192.168.1.10
|
||||
#-A PREROUTING -i eth0 -p tcp --dport 8080 -j DNAT --to-destination 192.168.1.10:80
|
||||
|
||||
#COMMIT
|
||||
|
|
Loading…
Reference in New Issue