I am trying to setup my raspberry pi to sit between my router and my modem. I'm basically trying to set it up as an intercepting proxy so that all web traffic goes through the proxy.
I have the modem connected to eth0 and the router to eth1. Everything works fine now, I have my iptables setup and all web traffic goes through the proxy. What I need to make happen though, is allow all incoming traffic on eth0 to go directly to eth1. Is this possible to do with iptables or do I need to create a bridge between the 2 to make this happen.
If I need to create a bridge, how can I do that while still intercepting web traffic?
Answer
What you need is Destination NAT (DNAT): A good start is this post on SU: Use port forwarding with masquerade
You don't actually need to specify a port range.
# iptables -t nat -A PREROUTING -i eth0 -j DNAT --to ${LAN_SERVER_IP}
See netfilter documentation or this page
This page also has some information about possible caveats when reaching the server from LAN (it has to be SNAT-ed).
No comments:
Post a Comment