Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- You can set up the NAT table with additional inputs. The following script can help you solve the problem. You need to set the variables at the top depending on your system and your network.
- # / Bin / bash
- #
- # Vvvvv-Change the following! - Vvvvv
- IPTABLES = / usr / sbin / iptables
- LAN_NETWORK = 192.168.0.0/24
- Server_ip = 192.168.0.2
- INTERNET_IP = 100100100100
- REMOTING_PORT = 8895
- REGION_PORT = 9000
- # ^ ^ ^ ^ ^-Edit the above! - ^ ^ ^ ^ ^
- # First, the destination NAT: we'll redirect to the server all that goes to an external address via your ports,
- # Note: if you have a double NAT is working and that the router has no internal IP address, you will
- # Use a different set of lines with PREROUTING-DNAT - destination (-d) defined ... to the internet facing private address (the Internet address private?).
- $ IPTABLES-t nat-I PREROUTING-d $ INTERNET_IP-p tcp - dport $ REMOTING_PORT - jump DNAT - to-destination $ server_ip
- $ IPTABLES-t nat-I PREROUTING-d $ INTERNET_IP-p udp - dport $ REGION_PORT - jump DNAT - to-destination $ server_ip
- $ IPTABLES-t nat-I PREROUTING-d $ INTERNET_IP-p tcp - dport $ REGION_PORT - jump DNAT - to-destination $ server_ip
- # Second, the source NAT: we need it returns the packets to your LAN clients in pasant first by the router,
- # Otherwise, the server will try to correspond directly with the client and the client will reject it.
- $ IPTABLES-t nat-I POSTROUTING-s-d $ $ LAN_NETWORK server_ip-p tcp - dport $ REMOTING_PORT - jump SNAT - to-source $ INTERNET_IP
- $ IPTABLES-t nat-I POSTROUTING-s-d $ $ LAN_NETWORK server_ip-p udp - dport $ REGION_PORT - jump SNAT - to-source $ INTERNET_IP
- $ IPTABLES-t nat-I POSTROUTING-s-d $ $ LAN_NETWORK server_ip-p tcp - dport $ REGION_PORT - jump SNAT - to-source $ INTERNET_IP
Advertisement
Add Comment
Please, Sign In to add comment
