all (remaining) ports to a specific host on the network. Note that I am hoping
to avoid using this but it is required as an option.
The server/router runs some services. There is a chain of RETURNs for those
services. Packets with the remaining destination ports fall through to the
actual DNAT target:
# iptables -t nat -A PREROUTING -i eth0 -j DNAT --to-destination 192.168.2.10
But what affect does this have on ESTABLISHED,RELATED connections? Does this
interfere with, say, a reply from google.com:80 to network host 192.168.2.99?
Links etcetera welcome.
Thanks.
No comments:
Post a Comment