Sunday, October 29, 2017

linux - Forwarding all incoming traffic on eth0 to go to eth1



I am trying to set up my Raspberry Pi to sit between my router and my modem. I'm basically trying to set it up as an intercepting proxy so that all web traffic goes through the proxy.



I have the modem connected to eth0 and the router to eth1. Everything works fine now: I have my iptables set up and all web traffic goes through the proxy. What I need to make happen, though, is to allow all incoming traffic on eth0 to go directly to eth1. Is this possible to do with iptables, or do I need to create a bridge between the 2 to make this happen?



If I need to create a bridge, how can I do that while still intercepting web traffic?



Answer



What you need is Destination NAT (DNAT): A good start is this post on SU: Use port forwarding with masquerade



You don't actually need to specify a port range.



# iptables -t nat -A PREROUTING -i eth0 -j DNAT --to ${LAN_SERVER_IP}


See netfilter documentation or this page




This page also has some information about possible caveats when reaching the server from LAN (it has to be SNAT-ed).
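An added example, not part of the original answer: a dry-run helper that validates the target address and prints the DNAT rule together with the FORWARD rules it relies on when the FORWARD policy is DROP. It goes beyond the answer by optionally limiting the forward to a list of TCP ports, so that not every port of the LAN host is reachable from eth0. The names valid_ipv4, dnat_rules, WAN_IF and LAN_IF and the sample address are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: prints (does not apply) the iptables commands for the DNAT setup.
# valid_ipv4, dnat_rules, WAN_IF and LAN_IF are hypothetical names for this sketch.
WAN_IF="${WAN_IF:-eth0}"   # modem side, as in the question
LAN_IF="${LAN_IF:-eth1}"   # router side, as in the question

# Accept only a strict dotted quad, so nothing else can reach the rule text.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                  # split into octets (input is digits and dots only)
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*) return 1 ;; esac      # no leading zeros
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
    return 0
}

# dnat_rules LAN_SERVER_IP [comma-separated TCP ports]
dnat_rules() {
    server_ip=$1
    ports=${2:-}
    valid_ipv4 "$server_ip" || { echo "invalid address: $server_ip" >&2; return 1; }
    match=""
    if [ -n "$ports" ]; then
        case "$ports" in
            *[!0-9,]*|,*|*,|*,,*) echo "invalid port list: $ports" >&2; return 1 ;;
        esac
        match=" -p tcp -m multiport --dports $ports"
    fi
    # Forwarding between the two interfaces must be enabled in the kernel.
    echo "sysctl -w net.ipv4.ip_forward=1"
    # The nat table sees only the first packet of each connection on eth0.
    echo "iptables -t nat -A PREROUTING -i $WAN_IF$match -j DNAT --to-destination $server_ip"
    # After DNAT the packet is addressed to the LAN host and crosses FORWARD.
    echo "iptables -A FORWARD -i $WAN_IF -o $LAN_IF -d $server_ip$match -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT"
    # Replies: only traffic belonging to already-tracked connections.
    echo "iptables -A FORWARD -i $LAN_IF -o $WAN_IF -s $server_ip -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
}

# Print the rules when called with arguments, e.g. ./dnat.sh 192.168.1.10 80,443
if [ "$#" -gt 0 ]; then dnat_rules "$@"; fi
```

Review the printed commands before running them as root. Without a port list the rule forwards every new connection arriving on eth0, including ones addressed to services on the Pi itself.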

