So to redirect an outgoing connection headed for 1.2.3.4 I add a custom route on the Windows machine, routing to a Fedora Linux machine 192.168.0.117:
On the linux machine I edit /etc/sysctl.confroute add 1.2.3.4 mask 255.255.255.255 192.168.0.117
and runnet.ipv4.ip_forward = 0
In /etc/sysconfig/iptables I addsysctl -e -p /etc/sysctl.conf
and restart iptables.*nat
-A PREROUTING -p tcp -m tcp -d 1.2.3.4 -j DNAT --to-destination 192.168.1.7
-A POSTROUTING -p tcp -m tcp -d 192.168.1.7 -j SNAT --to-source 192.168.0.117
COMMIT
1 comment:
MASQUERADE can be used instead of specifying the gateways external IP in POSTROUTING:
-A POSTROUTING -p tcp -m tcp -d 192.168.1.7 -j MASQUERADE
Post a Comment