Even without a script, I type this directly:
iptables -A PREROUTING -t nat -p tcp -i eth1 --dport 80 -j DNAT --to 192.168.0.2:80
## This script needs to be started at boot. When you have made changes, simply run the script manually.
## eth0 is the LAN-connected interface
## eth1 is the Internet-connected interface
# Enable IP Forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
# Clean up iptables (flush it)
iptables -F
iptables -t nat -F
iptables -X
# Enable IP MASQUERADING/NAT
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
# Set firewall policies (default behaviour)
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
# Allow all connections not from eth1
iptables -A INPUT ! -i eth1 -j ACCEPT
# Allow all ICMP connections (like ping)
iptables -A INPUT -p ICMP -j ACCEPT
# Allow all already established connections
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
## Make holes in the firewall for running different services
# Open HTTP (for running a web server)
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
#Forwarding
iptables -A PREROUTING -t nat -p tcp -i eth1 --dport 80 -j DNAT --to 192.168.0.2:80
Despite this, no forwarding works for the ports, and iptables -L shows nothing in the chain...
Has anyone dealt with this who can tell us where we are going wrong...
The settings are:
eth1 - internet with a static real IP
eth0 - 192.168.0.1
192.168.0.2 - Windows PC
The goal is to forward a port (or a range) from the internet to the Windows machine
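
Added example, not part of the original post: plain `iptables -L` lists only the filter table, so a rule added with `-t nat` is listed by `iptables -t nat -L -n -v` or by `iptables-save`. The sketch below audits an `iptables-save` dump for DNAT forwards and for the FORWARD policy that the translated packets then traverse; the dump is a constructed sample and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample of iptables-save output for the rule set in the post
# (iptables-save prints --to as --to-destination).
sample_dump() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.2:80
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT ! -i eth1 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
EOF
}

# Print "table chain in-iface proto dport target" for every DNAT rule on stdin.
list_dnat() {
  awk '
    /^\*/ { table = substr($0, 2); next }   # "*nat", "*filter": table header
    $1 == "-A" && /-j DNAT/ {
      iface = "any"; proto = "any"; dport = "any"; to = "?"
      for (i = 3; i < NF; i++) {
        if ($i == "-i") iface = $(i + 1)
        if ($i == "-p") proto = $(i + 1)
        if ($i == "--dport") dport = $(i + 1)
        if ($i == "--to-destination") to = $(i + 1)
      }
      print table, $2, iface, proto, dport, to
    }'
}

# Print the default policy of filter/FORWARD; DNAT-ed packets pass through it.
forward_policy() {
  awk '/^\*/ { table = substr($0, 2) }
       table == "filter" && $1 == ":FORWARD" { print $2 }'
}

sample_dump | list_dnat
echo "FORWARD policy: $(sample_dump | forward_policy)"
```

On a live router, run `iptables-save | list_dnat` as root; every line it prints is an inbound port exposed to the LAN host named in the last column.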