StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POwith iptables forwarding port to other client but with recognition of original sender ip
primarykey
Id
14877900
data
AcceptedAnswerId
0
AnswerCount
3
ClosedDate
CommentCount
0
CommunityOwnedDate
CreationDate
2013-02-14T15:11:11.577
FavoriteCount
1
LastActivityDate
2017-04-06T16:56:43.007
LastEditDate
LastEditorUserId
0
OwnerUserId
1957820
ParentId
0
PostTypeId
1
Score
2
ViewCount
11858
LastEditorDisplayName
text
Body
I have a firewall (based on iptables) at dedicated ubuntu server. I have several LAN Clients. At one of my LAN Clients I am running software where I can restrict acces based on IP. For me it is important that I can restrict that by using WAN IPs so not LAN IPs. I have configured my firewall so that a/one port is forwarded to a LAN client which work good (solution found at stackoverflow). So far no problems. However at the LAN client I do not see the IP of external sender but - I think due to the forwarding - the client sees that the packet is coming from my LAN server. Question is: how to forward a port on my server to another LAN IP with different port, but so that the LAN client recognizes the external IP of the packet. Lets make it more clear: server LAN IP: 192.168.1.10 server port: 8080 should be forwarded to: client LAN IP: 192.168.1.20 client LAN port: 8000 With iptables I have: <pre><code>iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 8080 -d 192.168.1.10 -j DNAT --to 192.168.1.20:8000 iptables -A FORWARD -p tcp -d 192.168.1.20 --dport 8000 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT iptables -t nat -A POSTROUTING -p tcp --dport 8000 -d 192.168.1.20 -j SNAT --to 192.168.1.10 </code></pre> As written that works, but when f.i. someone at IP 88.77.66.55 sends a packet then my LAN client (192.168.1.20) sees that the packet is coming from my LAN server (192.168.1.10) and unfortunately not from 88.77.66.55. Can I fix that...?
Tags
<iptables>
Title
with iptables forwarding port to other client but with recognition of original sender ip
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. This table or related slice is empty.
UserOwnerUserId
1. USni_hao
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
3. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. This table or related slice is empty.
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.