I have an Ubuntu box with eth0 and eth1.
How can I redirect all the traffic coming from eth0 to eth1 and back?
Should I do DNAT and SNAT like below, or just forwarding, or both?
Edit
My case is like this: A-B-C, 3 machines. A and C are in different networks. B has two NICs: one is in A's network (eth0) and the other in B's network (eth1). I can't set B as the gateway in A nor B.
Solution: below is how this was achieved with iptables on host B:
iptables -t nat -A PREROUTING -p tcp -m tcp ! --dport 22 -j DNAT --to-destination eth1IP
iptables -t nat -A POSTROUTING -p tcp -m tcp -o eth1 -j MASQUERADE
I have excluded port 22 so that SSH traffic is spared from the rules and my ssh to host C works.
Best Answer
Provided the netmasks are correct and do not overlap, you do not need to use DNAT or SNAT; you simply need to ensure that:
Each computer has a default gateway set through the Linux box, or has a route to the other network via the Linux box.
The Linux box has forwarding enabled – uncomment net.ipv4.ip_forward in /etc/sysctl.conf and reboot (or echo 1 > /proc/sys/net/ipv4/ip_forward to do it temporarily).
Ensure the firewall allows forwarding (iptables -vnL and check that the FORWARDING rule has no chains and is set to default ACCEPT). This is, I believe, the default.
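The checks listed in the answer can be run as a read-only audit on host B. The script below is an added example, not part of the original question or answer; the function names are hypothetical, and it assumes `iptables -S FORWARD` output for the firewall check.

```shell
#!/bin/sh
# Added example: read-only audit of the forwarding prerequisites on the router host.
# Function names are hypothetical; nothing here changes system state.

# Print "enabled"/"disabled" for the runtime flag (file path overridable for testing).
ip_forward_state() {
    f="${1:-/proc/sys/net/ipv4/ip_forward}"
    [ -r "$f" ] || { echo unknown; return 2; }
    if [ "$(tr -d ' \n' < "$f")" = "1" ]; then
        echo enabled
    else
        echo disabled
        return 1
    fi
}

# Succeed only if an uncommented net.ipv4.ip_forward=1 line exists, i.e. the
# setting survives a reboot. A commented-out line does not match.
sysctl_persistent() {
    grep -Eq '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1[[:space:]]*$' \
        "${1:-/etc/sysctl.conf}"
}

# Read `iptables -S FORWARD` output on stdin; print "<policy> <rule count>".
# "ACCEPT 0" means every packet routed between the two networks is forwarded.
forward_chain_summary() {
    awk '
        $1 == "-P" && $2 == "FORWARD" { policy = $3 }
        $1 == "-A" && $2 == "FORWARD" { rules++ }
        END { printf "%s %d\n", (policy == "" ? "UNKNOWN" : policy), rules }
    '
}

audit_live() {   # needs root for iptables
    echo "runtime ip_forward: $(ip_forward_state)"
    if sysctl_persistent; then echo "sysctl.conf: persistent"
    else echo "sysctl.conf: not persistent (lost on reboot)"; fi
    echo "FORWARD policy and rule count: $(iptables -S FORWARD | forward_chain_summary)"
}

if [ "${1:-}" = "--live" ]; then audit_live; fi
```

Run it with `--live` as root on host B; without that argument it only defines the functions.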