I am trying to forward all the incoming internet/LAN requests on port 80 to my local machine (running Apache). The current iptables rules work (they forward incoming internet traffic to my desktop), but if I try to access it from my local network it won't work.
The interface connecting my Ubuntu server to the internet is ppp0 (a dialed DSL connection through my router, which is in bridge mode), which is connected to eth0; eth1 is connected to my internal LAN.
iptables -t nat -A POSTROUTING -s 192.168.2.0/255.255.255.0 -o ppp0 -j MASQUERADE
iptables -A INPUT -i ppp0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
#port forwarding
iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 80 -j DNAT --to-destination 192.168.2.2:80
iptables -A FORWARD -i ppp0 -p tcp --dport 80 -j ACCEPT
I also tested with:
iptables -t nat -A PREROUTING -i lo -p tcp --dport 80 -j DNAT --to-destination 192.168.2.2:80
No luck there either.
What I was able to gather so far (via logs) is that accessing the external server IP directly from the LAN goes directly to eth1, which is understandable (I think).
So what I need now (I guess) is a rule that will forward the LAN traffic on eth1 without interfering with the ppp0 PREROUTING rule (as forwarding all the incoming traffic on eth1 to my local machine will break the internet connection).
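
The LAN-side case described in the post is commonly called hairpin NAT (NAT loopback). The following is an added example, not part of the original post: it matches only LAN packets addressed to the public IP, so other eth1 traffic is left alone. The interface, subnet and server address come from the post; the WAN address 203.0.113.10 used in the comment is a constructed placeholder, and the function name `hairpin_rules` is hypothetical.

```shell
#!/bin/sh
# Added example: hairpin NAT so LAN clients can reach the web server
# through the router's public address. Values below are from the post,
# except the WAN address passed in, which is a placeholder assumption.

IPT="${IPT:-iptables}"      # set IPT="echo iptables" for a dry run
LAN_IF="eth1"
LAN_NET="192.168.2.0/24"
WEB="192.168.2.2"
PORT="80"

# hairpin_rules <wan-ipv4>   e.g. hairpin_rules 203.0.113.10
hairpin_rules() {
    wan_ip="$1"
    # Accept only digits and dots so nothing else reaches the rule set.
    case "$wan_ip" in
        ''|*[!0-9.]*) echo "usage: hairpin_rules <wan-ipv4>" >&2; return 1 ;;
    esac

    # 1. DNAT only LAN packets whose destination is the public IP;
    #    internet-bound traffic arriving on eth1 does not match.
    $IPT -t nat -A PREROUTING -i "$LAN_IF" -s "$LAN_NET" -d "$wan_ip" \
        -p tcp --dport "$PORT" -j DNAT --to-destination "$WEB:$PORT" || return 1

    # 2. Rewrite the source to the router's LAN address. Without this the
    #    server replies straight to the client, which drops the reply
    #    because it comes from an address it never connected to.
    $IPT -t nat -A POSTROUTING -o "$LAN_IF" -s "$LAN_NET" -d "$WEB" \
        -p tcp --dport "$PORT" -j MASQUERADE || return 1

    # 3. Permit the eth1 -> eth1 forwarding and its return traffic
    #    (needed when the FORWARD policy is DROP).
    $IPT -A FORWARD -i "$LAN_IF" -o "$LAN_IF" -s "$LAN_NET" -d "$WEB" \
        -p tcp --dport "$PORT" -j ACCEPT || return 1
    $IPT -A FORWARD -i "$LAN_IF" -o "$LAN_IF" \
        -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}
```

Because of the MASQUERADE in step 2, Apache's access log records the router's LAN address for every internal client, so per-client attribution for LAN requests is lost. A dynamic ppp0 address means the rule has to be re-applied when the address changes.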