[TriLUG] iptables routing help
Steve Kuekes via TriLUG
trilug at trilug.org
Wed Apr 8 11:19:44 EDT 2020
I need help with an Iptables routing problem. Here is my setup.
Internet <==> Linux Server with Iptables NAT firewall <==> local net
              107.5.x.x                   192.168.1.1      192.168.1.0/24
I have a web server on my internal network 192.168.1.13. My Linux
server has a DNS entry for abc.com that points to the Internet address
of my Iptables firewall (107.5.x.x). I have enabled port forwarding on
the NAT firewall so that when I go to the web site http://abc.com I get
port forwarded to the internal web server at 192.168.1.13. This works
fine when the client (like my phone) making the request is connected to
the internet or another network behind a firewall.
The problem is that I would like to be able to make the same request
from a client (my phone) when it is connected to the Wifi on my local
network. When this request is made I get connected to the Apache that
is running on the IPtables server, not my server at 192.168.1.13. If I
make the request using the URL http://192.168.1.13 then everything works
just fine. I would like to make the request work so I can use the same
URL regardless of whether the request is coming from the internet or
from a client on my local network.
Here are my NAT firewall rules:
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o eth2 -j MASQUERADE
-A PREROUTING -p tcp -m tcp --dport 80 -i eth2 -j DNAT --to 192.168.1.13:80
I have tried Googling but I cannot seem to find something that is this problem.
Anybody got an idea or a pointer to a page with a similar solution?
Thanks
--
Steve Kuekes
Fisherman: 2007 Sea Fox 225 Bay Fisher
email: steve at kuekes.com
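
Added example (not part of the original post): a small Python model of the nat table that traces why the posted DNAT rule, which matches only on `-i eth2`, never fires for a request arriving from the LAN side, and what a hairpin-NAT variant changes. The address 203.0.113.10 (standing in for the elided 107.5.x.x), the LAN interface name `eth1`, the client addresses and the two `HAIRPIN_*` rules are assumptions introduced for illustration.

```python
import ipaddress
import shlex

# Constructed stand-ins (assumptions): the post elides the public address
# (107.5.x.x) and never names the LAN-side interface or the phone's address.
WAN_IP, WAN_IF, LAN_IF = "203.0.113.10", "eth2", "eth1"
FIREWALL_IPS = {WAN_IP, "192.168.1.1"}
LAN = ipaddress.ip_network("192.168.1.0/24")
# The two rules as posted.
PAGE_DNAT = "-A PREROUTING -p tcp -m tcp --dport 80 -i eth2 -j DNAT --to 192.168.1.13:80"
PAGE_MASQ = "-A POSTROUTING -o eth2 -j MASQUERADE"
# Added hairpin variants: match on the public address, and masquerade LAN-to-server traffic.
HAIRPIN_DNAT = f"-A PREROUTING -d {WAN_IP} -p tcp -m tcp --dport 80 -j DNAT --to 192.168.1.13:80"
HAIRPIN_SNAT = "-A POSTROUTING -s 192.168.1.0/24 -d 192.168.1.13 -p tcp -m tcp --dport 80 -j MASQUERADE"

def parse(rule):
    # iptables-save line -> {option: value}; every option used here takes one value.
    tok = shlex.split(rule)
    return dict(zip(tok[0::2], tok[1::2]))

def matches(r, pkt):
    addr, net = ipaddress.ip_address, ipaddress.ip_network
    return (r.get("-i", pkt["in"]) == pkt["in"]
            and r.get("-o", pkt.get("out")) == pkt.get("out")
            and r.get("-p", pkt["proto"]) == pkt["proto"]
            and int(r.get("--dport", pkt["dport"])) == pkt["dport"]
            and addr(pkt["src"]) in net(r.get("-s", "0.0.0.0/0"))
            and addr(pkt["dst"]) in net(r.get("-d", "0.0.0.0/0")))

def trace(pkt, prerouting, postrouting):  # first packet of a connection through nat
    pkt = dict(pkt)
    hit = next((r for r in map(parse, prerouting) if r["-j"] == "DNAT" and matches(r, pkt)), None)
    if hit:
        pkt["dst"] = hit["--to"].split(":")[0]
    if pkt["dst"] in FIREWALL_IPS:  # not rewritten: goes to INPUT, not FORWARD
        return "local: answered by the firewall's own Apache"
    inside = ipaddress.ip_address(pkt["dst"]) in LAN
    pkt["out"] = LAN_IF if inside else WAN_IF
    snat = any(matches(r, pkt) for r in map(parse, postrouting))  # all are MASQUERADE
    if inside and ipaddress.ip_address(pkt["src"]) in LAN and not snat:
        return "forwarded to %s, but the server replies straight to the client" % pkt["dst"]
    return "forwarded to " + pkt["dst"]

# Constructed packets: a client on the Internet and the phone on the local Wifi.
OUTSIDE = {"in": WAN_IF, "proto": "tcp", "src": "198.51.100.7", "dst": WAN_IP, "dport": 80}
PHONE = {"in": LAN_IF, "proto": "tcp", "src": "192.168.1.50", "dst": WAN_IP, "dport": 80}
if __name__ == "__main__":
    for pre, post in [([PAGE_DNAT], [PAGE_MASQ]), ([HAIRPIN_DNAT], [PAGE_MASQ, HAIRPIN_SNAT])]:
        print(trace(OUTSIDE, pre, post), "|", trace(PHONE, pre, post))
```

The model covers only the nat table; on a real firewall the filter table's FORWARD chain must also permit the LAN-to-server traffic.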