IPTABLES Help

[djdrastic]

Hi guys I have a question , my current network setup looks like this

[Private]
INTERNAL ETH0 <------- IPTABLES Firewall / NAT ------> External
0000000000 BAD BAD BAD BAD


I need a service to be available to the internet , without publishing the internal networks structure to the internet . I was thinking of pointing towards the PUBLIC ip and then IPTABLES automagically redirecting the packets to the internal host .

I have read some online articles but I cant seem to get a definite article showing me how to do it


If somebody here knows a thing or two about iptables gimme a reply or point me in the right direction

 

[OMG1Penguin]

Your diagram makes no sense to me, but routers have a feature named port forwarding. For specified ports, it forwards the packets to a specified ip (would have to be a static IP).
This allows you to run FTP, etc on your home network, available to external networks.

 

[groovin]

im not good with iptables, but wouldnt it be something like:

iptables -t nat -A PREROUTING -d <your public ip> -p tcp --dport <port your service listens to> -j DNAT --to <private IP of destination server>

as i said, not sure if this is correct.. its just off the top of my head. maybe someone else can help.