2009-05-28

Rewriting Windows connection

Windows' routing and firewall tools don't seem as powerful as I'm used to on Linux.

So to redirect an outgoing connection headed for 1.2.3.4 I add a custom route on the Windows machine, routing to a Fedora Linux machine 192.168.0.117:
route add 1.2.3.4 mask 255.255.255.255 192.168.0.117
On the Linux machine I edit /etc/sysctl.conf
net.ipv4.ip_forward = 1
and run
sysctl -e -p /etc/sysctl.conf
In /etc/sysconfig/iptables I add
*nat
-A PREROUTING -p tcp -m tcp -d 1.2.3.4 -j DNAT --to-destination 192.168.1.7
-A POSTROUTING -p tcp -m tcp -d 192.168.1.7 -j SNAT --to-source 192.168.0.117
COMMIT
and restart iptables.
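
As an added example (not the author's code), this script statically checks the two edited files for what the redirect needs: IP forwarding enabled, a PREROUTING DNAT rule, and a POSTROUTING SNAT or MASQUERADE rule. The helper names and the temporary sample files are constructed for illustration; only the addresses come from the post.

```shell
#!/bin/sh
# Added example: static check of the two files the post edits. The helper names
# (nat_rule_exists, check_redirect) are hypothetical, not part of iptables.

# Succeed if FILE's *nat table has a rule in CHAIN for destination DST whose
# -j target is one of TARGETS and, when TO is given, rewrites to TO.
nat_rule_exists() {   # FILE CHAIN DST TARGETS [TO]
    awk -v chain="$2" -v dst="$3" -v targets="$4" -v to="$5" '
        /^\*/     { in_nat = ($1 == "*nat"); next }
        /^COMMIT/ { in_nat = 0 }
        in_nat && $1 == "-A" && $2 == chain {
            d = ""; j = ""; t = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-d") { d = $(i + 1); sub(/\/32$/, "", d) }
                if ($i == "-j") j = $(i + 1)
                if ($i == "--to-destination") t = $(i + 1)
            }
            if (d == dst && index(" " targets " ", " " j " ") && (to == "" || t == to)) found = 1
        }
        END { exit !found }' "$1"
}

# Print one line per problem; the return status is the number of problems.
check_redirect() {    # SYSCTL_FILE RULES_FILE ORIG_DST NEW_DST
    problems=0
    # Take the last uncommented assignment in the file.
    fwd=$(sed -n 's/^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*\([0-9][0-9]*\).*/\1/p' "$1" | tail -n 1)
    [ "$fwd" = 1 ] || { echo "FAIL ip_forward=${fwd:-unset}, forwarding is off"; problems=$((problems + 1)); }
    nat_rule_exists "$2" PREROUTING "$3" DNAT "$4" ||
        { echo "FAIL no PREROUTING DNAT rule $3 -> $4"; problems=$((problems + 1)); }
    nat_rule_exists "$2" POSTROUTING "$4" "SNAT MASQUERADE" ||
        { echo "FAIL no POSTROUTING SNAT/MASQUERADE rule for $4"; problems=$((problems + 1)); }
    return "$problems"
}

# Constructed sample files using the addresses from the post.
tmp=$(mktemp -d) && trap 'rm -rf "$tmp"' EXIT
echo 'net.ipv4.ip_forward = 1' > "$tmp/sysctl.ok"
echo 'net.ipv4.ip_forward = 0' > "$tmp/sysctl.off"
cat > "$tmp/rules.ok" <<'EOF'
*nat
-A PREROUTING -p tcp -m tcp -d 1.2.3.4 -j DNAT --to-destination 192.168.1.7
-A POSTROUTING -p tcp -m tcp -d 192.168.1.7 -j MASQUERADE
COMMIT
EOF
grep -v POSTROUTING "$tmp/rules.ok" > "$tmp/rules.nosnat"

check_redirect "$tmp/sysctl.ok"  "$tmp/rules.ok"     1.2.3.4 192.168.1.7 && echo "OK"
check_redirect "$tmp/sysctl.off" "$tmp/rules.nosnat" 1.2.3.4 192.168.1.7 || echo "$? problem(s)"
```

On a real gateway the same function can be pointed at /etc/sysctl.conf and /etc/sysconfig/iptables.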

1 comment:

kiilerix said...

MASQUERADE can be used instead of specifying the gateway's external IP in POSTROUTING:

-A POSTROUTING -p tcp -m tcp -d 192.168.1.7 -j MASQUERADE