How to set firewall iptables for intranet ip and port to access internet destination ip address


I have two Linux servers: serverONE and serverTWO.
serverONE has the intranet address 10.1.200.2.
serverTWO has two IP addresses: 10.1.0.12 and 172.8.2.16. 10.1.0.12 is also an intranet address; 172.8.2.16 is the internet address.
I have an internet destination address: 10.20.102.188.
[[email protected] ~]$ ping 10.20.102.188 // is OK

Connecting from serverONE to serverTWO is also OK:
[[email protected] ~]$ ping 10.1.0.12 // is OK

I set up iptables on serverTWO and a gateway on serverONE.
This lets serverONE ping 10.20.102.188, like this:
serverTWO:
[[email protected] ~]# cat /proc/sys/net/ipv4/ip_forward
1
[[email protected] ~]# iptables -t nat -A POSTROUTING -s 10.1.0.0/255.255.0.0 -j SNAT --to 172.8.2.16

serverONE:
[[email protected] ~]# echo "GATEWAY=10.1.0.12" >> /etc/sysconfig/network-scripts/ifcfg-eth0
[[email protected] ~]# systemctl restart network

and then
[[email protected] ~]$ ping 10.20.102.188 //is OK.

Now I want serverONE to connect to 10.20.102.188 on port 1005, like:
[[email protected] ~]$ curl 10.20.102.188:1055 //is failed
curl: (7) Failed to connect to 10.20.102.188 port 1055: No route to host

I have tested serverTWO, and it is OK, like:
[[email protected] ~]$ curl 10.20.102.188:1055 //is OK
curl: (52) Empty reply from server

I have tried to set up port NAT, like:
[[email protected] ~]# iptables -t nat -A PREROUTING --dst 172.8.2.16 -p tcp --dport 1005 -j DNAT --to-destination 10.1.200.2:1005
[[email protected] ~]# iptables -t nat -A POSTROUTING --dst 10.1.200.2 -p tcp --dport 1005 -j DNAT --to 10.1.0.12

Unluckily, it fails again:
[[email protected] ~]$ curl 10.20.102.188:1055 //is failed again
curl: (7) Failed to connect to 10.20.102.188 port 1055: No route to host

I don’t know how to set up iptables. Who can help me?

Marisa
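
As an added example (not part of the original post), this Python code parses the three nat rules from the question and reports two things: whether each NAT target is used in a chain where iptables accepts it, and which rules select a TCP packet sent from serverONE (10.1.200.2) to 10.20.102.188 port 1055. The function names are hypothetical, and matching covers only the -s/-d/-p/--dport fields.

```python
import ipaddress
import shlex

# Chains of the nat table in which iptables accepts each NAT target.
VALID_CHAINS = {
    "DNAT": ("PREROUTING", "OUTPUT"),
    "SNAT": ("POSTROUTING", "INPUT"),
    "MASQUERADE": ("POSTROUTING",),
}

def parse_rule(command):
    """Split one 'iptables ... -A CHAIN ...' command into the fields used below."""
    tokens = shlex.split(command)
    def value(*names):
        # Return the argument that follows the first option name present.
        for name in names:
            if name in tokens[:-1]:
                return tokens[tokens.index(name) + 1]
        return None
    return {
        "table": value("-t", "--table") or "filter",
        "chain": value("-A", "--append"),
        "target": value("-j", "--jump"),
        "src": value("-s", "--source", "--src"),
        "dst": value("-d", "--destination", "--dst"),
        "proto": value("-p", "--protocol"),
        "dport": value("--dport", "--destination-port"),
    }

def chain_error(rule):
    """Return a message if the NAT target cannot be used in the rule's chain."""
    allowed = VALID_CHAINS.get(rule["target"])
    if rule["table"] == "nat" and allowed and rule["chain"] not in allowed:
        return f"{rule['target']} is not valid in {rule['chain']}; valid in {', '.join(allowed)}"
    return None

def matches(rule, src, dst, proto, dport):
    """True if the rule's match fields select a packet with these header values."""
    def in_net(spec, addr):
        return spec is None or ipaddress.ip_address(addr) in ipaddress.ip_network(spec, strict=False)
    return (in_net(rule["src"], src) and in_net(rule["dst"], dst)
            and rule["proto"] in (None, proto) and rule["dport"] in (None, str(dport)))

# The three nat rules from the question, copied with plain ASCII dashes.
RULES = [parse_rule(c) for c in (
    "iptables -t nat -A POSTROUTING -s 10.1.0.0/255.255.0.0 -j SNAT --to 172.8.2.16",
    "iptables -t nat -A PREROUTING --dst 172.8.2.16 -p tcp --dport 1005 -j DNAT --to-destination 10.1.200.2:1005",
    "iptables -t nat -A POSTROUTING --dst 10.1.200.2 -p tcp --dport 1005 -j DNAT --to 10.1.0.12",
)]
```

Calling `chain_error(r)` and `matches(r, "10.1.200.2", "10.20.102.188", "tcp", 1055)` for each entry of `RULES` shows which rule iptables would refuse and which rules apply to the forwarded connection.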