Bright:Shorewall:port forwarding

From Define Wiki
Jump to navigation Jump to search

Port Forwarding

  • Edit the file: /etc/shorewall/rules
  • Make sure the system are forwarding ports to is directly connect to one of the interfaces and the defgw is set as the headnode on the client (for e.g. pxe deployed systems are on a separate network and will not work when forwarding traffic.
  • There are no examples in the rules files, although there are descriptions in the comments at the top of the file.

In order to forward a port to another external system we would use the DNAT option. 

DNAT    net     net:10.16.1.1:8081      tcp     5090

The example above is used to forward incoming traffic on the external network using port 5090, to the system with IP 10.16.1.1 on port 8081. This is the rule that allows us to control the Boston Cluster from outside the lab.

Retrieved from "http://wiki.define-technology.com/mediawiki-1.35.0/index.php?title=Bright:Shorewall:port_forwarding&oldid=16841"