Mailing List Archive: iptables: User

specify source port on NAT

Index | Next | Previous | View Threaded

snowwolfv at gmail

Jun 29, 2007, 6:37 AM

Post #1 of 2 (753 views)
Permalink

specify source port on NAT

hello members,

My client has a strange requirement.When I made a nat firewall with
iptables for him,he need the forwarded package's source port was not
changed,or changed to a specified port which he can control.

For example,

192.168.1.1 ---> iptables(nat) ---> www.aol.com
(sport: 1234) (sport: 1234) (dport:80)

He need that when a package was left from iptables,the source port was
still 1234.
(or something like 1235 is also ok,but he need to control it,it means
he can descide which port is the source port from iptables.)

How to do it?thanks.

davila at nicaraguaopensource

Jun 29, 2007, 9:57 AM

Post #2 of 2 (719 views)
Permalink

Re: specify source port on NAT [In reply to]

From http://iptables-tutorial.frozentux.net/

An example:

iptables -t nat -A POSTROUTING -p tcp -o eth0 -j SNAT --to-source
194.236.50.155-194.236.50.160:1024-32000

Best regards,

Jorge Dávila.

Snow Wolf wrote:
> hello members,
>
> My client has a strange requirement.When I made a nat firewall with
> iptables for him,he need the forwarded package's source port was not
> changed,or changed to a specified port which he can control.
>
> For example,
>
> 192.168.1.1 ---> iptables(nat) ---> www.aol.com
> (sport: 1234) (sport: 1234) (dport:80)
>
> He need that when a package was left from iptables,the source port was
> still 1234.
> (or something like 1235 is also ok,but he need to control it,it means
> he can descide which port is the source port from iptables.)
>
> How to do it?thanks.
>
>

--
Jorge Isaac Davila Lopez
Nicaragua Open Source
+505 430 5462
davila [at] nicaraguaopensource

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads