› Forums › Network Management › ZeroShell › nat reflection › Reply To: nat reflection
June 11, 2007 at 11:59 am
#45400
Member
pfSense and m0n0wall uses ipfilter, zeroshell uses iptables, so you don’t need a workaround like them. You can use a rule like this one to get it working.
iptables -t nat -A prerouting_rule -d WAN_IP -p tcp --dport 80 -j DNAT --to 192.168.0.10
iptables -A forwarding_rule -p tcp --dport 80 -d 192.168.0.10 -j ACCEPT
iptables -t nat -A postrouting_rule -s 192.168.0.0/24 -p tcp --dport 80 -d 192.168.0.10 -j MASQUERADE
All traffic on port 80 from LAN (192.168.0.0/24) to WAN (WAN_IP) will be redirected to the internal webserver (192.168.0.10).