Open main menu

CDOT Wiki β

Changes

SRT210 Lab 3

466 bytes added, 18:17, 28 May 2019
PART 2: NAT
** Note that if you're using a laptop on wireless - you probably have your c7host network adapter set to NAT instead of bridged mode. If that's the case - you might need to modify some steps from this lab.
* Now we'll configure port forwarding so that any requests to TCP port 80 arriving at c7host will be forwarded to lin1:
 <source># any inbound HTTP requests on ens33 are for Apache (running in linX)iptables -A PREROUTING -t nat -i ens33 -p tcp --dport 80 -j DNAT --to 192.168.210.11:80 # any outbound HTTP requests on ens33 (originating from linX) are returned to same linXiptables -A POSTROUTING -t nat -o ens33 -p tcp -s 192.168.210.11 --sport 80 -j SNAT --to 192.168.210.11 # let c7host forward packets otherwise they won't reach linX
iptables -I FORWARD -p tcp -d 192.168.210.11 --dport 80 -j ACCEPT</source>
 * Don't just run those commands blindly - understand what they do.You can read more detail on the above rule set from [https://wiki.archlinux.org/index.php/Simple_stateful_firewall this website]
* Try accessing your c7host from a web browser again. You should see the web page from your lin1 web server.
221
edits