Hello, I have a server to which is defined with static nat in Shorewall, and on that server, I''m running a http on a non-standard port (lets say, port 1234). I would like to use on of my free IP addresses, and map port 80 on the public side to port 1234 on the private side (forget about binding my services on a separate IP on the server, if it was feasible, I would have done that). What would be the best method to doing so? Thanks Kris
--On Tuesday, January 28, 2003 5:08 PM -0500 Kristopher Lalletti <kristopher.lalletti@nobelia.com> wrote:> Hello, > > I have a server to which is defined with static nat in Shorewall, and on > that server, I''m running a http on a non-standard port (lets say, port > 1234). I would like to use on of my free IP addresses, and map port 80 > on the public side to port 1234 on the private side (forget about > binding my services on a separate IP on the server, if it was feasible, > I would have done that). > > What would be the best method to doing so? >Use a REDIRECT rule in /etc/shorewall/rules. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net
--On Tuesday, January 28, 2003 2:20 PM -0800 Tom Eastep <teastep@shorewall.net> wrote:> > > --On Tuesday, January 28, 2003 5:08 PM -0500 Kristopher Lalletti > <kristopher.lalletti@nobelia.com> wrote: > >> Hello, >> >> I have a server to which is defined with static nat in Shorewall, and on >> that server, I''m running a http on a non-standard port (lets say, port >> 1234). I would like to use on of my free IP addresses, and map port 80 >> on the public side to port 1234 on the private side (forget about >> binding my services on a separate IP on the server, if it was feasible, >> I would have done that). >> >> What would be the best method to doing so? >> > > Use a REDIRECT rule in /etc/shorewall/rules. >Sorry -- I reread your question and realized that I has misread it the first time. You can simply use a port forwarding rule for the second IP. DNAT net loc:<ip>:1234 tcp 80 - <second ip> -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net