waspinator
New Around Here
Hi,
I've got a bunch of WAN IPs which I want to translate to a bunch of LAN IPs, but only open some ports. None of WAN IPs I want to translate are the primary WAN IP the router uses to connect to the internet.
For example I want to translate
- WAN IP 216.58.216.238 to LAN IP 10.10.10.10 and open ports 80 and 443
ifconfig shows the following interfaces: br0, eth0, eth1, eth2, lo, vlan1, vlan2.
vlan2 has my external IP address assigned to it.
How would I do the translation?
On my older RT-N16 router I put a nat-start script into /jffs/scripts/nat-start (and chmod a+rx) with these types of commands:
ifconfig eth0:1 216.58.216.238 netmask 255.255.255.0 up
iptables -t nat -A PREROUTING -i eth0 -d 216.58.216.238 -p tcp --dport 80 -j DNAT --to-destination 10.10.10.10:80
iptables -t nat -I POSTROUTING -s 10.10.10.10 -j SNAT --to 216.58.216.238
but that doesn't seem to work anymore. Should I be using another interface. vlan2? Should it be in another script file?
running ifconfig after rebooting I get some extra interfaces showing up. For example: eth0:1. It has the same HWaddr as eth0 and vlan2, and it has the correct external ip address assigned to its inet addr, but I still can't see the device outside my network.
if I run `iptables -t nat -vnL` it seems to have registered something. For example I have:
Chain PREROUTING (policy ACCEPT 5212 packets, 475K bytes)
pkts bytes target prt opt in out source destination
...
0 0 DNAT tcp --- eth0 * 0.0.0.0/0 216.58.216.238 tcp dpt:80 to 10.10.10.10:80
...
Thanks
Asus RT56U on Merlin 380.62_1
I've got a bunch of WAN IPs which I want to translate to a bunch of LAN IPs, but only open some ports. None of WAN IPs I want to translate are the primary WAN IP the router uses to connect to the internet.
For example I want to translate
- WAN IP 216.58.216.238 to LAN IP 10.10.10.10 and open ports 80 and 443
ifconfig shows the following interfaces: br0, eth0, eth1, eth2, lo, vlan1, vlan2.
vlan2 has my external IP address assigned to it.
How would I do the translation?
On my older RT-N16 router I put a nat-start script into /jffs/scripts/nat-start (and chmod a+rx) with these types of commands:
ifconfig eth0:1 216.58.216.238 netmask 255.255.255.0 up
iptables -t nat -A PREROUTING -i eth0 -d 216.58.216.238 -p tcp --dport 80 -j DNAT --to-destination 10.10.10.10:80
iptables -t nat -I POSTROUTING -s 10.10.10.10 -j SNAT --to 216.58.216.238
but that doesn't seem to work anymore. Should I be using another interface. vlan2? Should it be in another script file?
running ifconfig after rebooting I get some extra interfaces showing up. For example: eth0:1. It has the same HWaddr as eth0 and vlan2, and it has the correct external ip address assigned to its inet addr, but I still can't see the device outside my network.
if I run `iptables -t nat -vnL` it seems to have registered something. For example I have:
Chain PREROUTING (policy ACCEPT 5212 packets, 475K bytes)
pkts bytes target prt opt in out source destination
...
0 0 DNAT tcp --- eth0 * 0.0.0.0/0 216.58.216.238 tcp dpt:80 to 10.10.10.10:80
...
Thanks
Asus RT56U on Merlin 380.62_1
Last edited: