Thursday, September 25, 2008

Customizing BCM96338 (2)

Its after a long time I got time to re-visit this topic. First let me give you the iptables rules to forward the connection.

Step 1: Find your external interface
Do a "ifconfig". You will see an array of devices. One of this will have your global ip.
(Check the index page of your device if you are doubtful about which one is the global ip. You can find your global ip there)

Step 2: iptables rules
iptables -t nat -I PREROUTING -p tcp --dport 22 -i ppp_0_35_2 -j DNAT --to
iptables -t filter -I FORWARD -p tcp --dport 22 -d -j ACCEPT

ppp_0_35_2 -> Replace this with the name of your external interface -> Replace this with the ip of your local ssh server

Step 3: How to forward for other connections?
Say you want to have external access to a web server running inside your local network. All that you have to do is issue the above to commands with following differences.

1) --dport 22 will change to --dport 80
2) will be replaced with the ip of your local web server.

If you have any other service running inside, use the portocol (tcp/udp), port and ip of that service.

No comments: