Tjyylli

Engineer refusing to file/disclose patents

Aligning individual characters/glyphs like a monospace font

How do I repair my stair bannister?

Drawing ramified coverings with tikz

Can I use my Chinese passport to enter China after I acquired another citizenship?

Query about absorption line spectra

Flux received by a negative charge

Bob has never been a M before

Using a siddur to Daven from in a seforim store

Do the concepts of IP address and network interface not belong to the same layer?

Global amount of publications over time

Longest common substring in linear time

What's the difference between 違法 and 不法?

A social experiment. What is the worst that can happen?

Fly on a jet pack vs fly with a jet pack?

ArcGIS not connecting to PostgreSQL db with all upper-case name

Did arcade monitors have same pixel aspect ratio as TV sets?

Does having a TSA Pre-Check member in your flight reservation increase the chances that everyone gets Pre-Check?

Can somebody explain Brexit in a few child-proof sentences?

Why do IPv6 unique local addresses have to have a /48 prefix?

Why did the EU agree to delay the Brexit deadline?

We have a love-hate relationship

Is it possible to use .desktop files to open local pdf files on specific pages with a browser?

Confusion on Parallelogram

How to redirect all traffic in eth0 to eth1 and back

How to use iptables to forward all data from an IP to a Virtual Machinecentos 6.4 nat virtual machines not able to connect to the internetWhat is MASQUERADE made for?With iptables how to route traffic from virtualbox internal adaptor to eth0 interface?How to I configure iptables for both IP masquerading and firewalling at the same time?EVIL AP - Internet connection bridging issueWhy can't the gateway redirect back with iptables DNAT?iptables - “can't initialize iptables table `nat '”How to write an nfttables snat rule?Linux mint ddns and iptables ssh,ftp connect

1

I have a Ubuntu box with eth0 and eth1.

How can I redirect all the traffic coming from eth0 to eth1 and back?

Should I do DNAT and SNAT like below or just forwarding or both ?

Edit

My case is like this A-B-C, 3 machines. Both A & C in different network. B have two nic one is A's network (eth0) and other in B's network (eth1). I can't set B as the gateway in A nor B.

Below is how this was achieved by iptables on host B: SOLUTION

iptables -t nat -A PREROUTING -p tcp -m tcp ! --dport 22 -j DNAT --to-destination eth1IP

iptables -t nat -A POSTROUTING -p tcp -m tcp -o eth1 -j MASQUERADE

Have excluded port 22 so that SSH traffic is spared from the rules and my ssh to host C works.

linux networking ubuntu iptables nat

share|improve this question

edited Jun 13 '17 at 11:19

SleepyLord

asked Jun 13 '17 at 7:59

SleepyLordSleepyLord

143117

bumped to the homepage by Community♦ 14 mins ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Are those different Ethernet ports using different hardware?
  
  – Biswapriyo
  Jun 13 '17 at 8:15
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  
  Why do you want to do this?
  
  – Seth
  Jun 13 '17 at 8:49
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Both are in different network. A --- B --- C. A and B(eth0) in same network. B(eth1) and C in same network. If A wants to talks to C then it's only possible via B.
  
  – SleepyLord
  Jun 13 '17 at 8:53
  

  
  
  
  

add a comment | 

1

I have a Ubuntu box with eth0 and eth1.

How can I redirect all the traffic coming from eth0 to eth1 and back?

Should I do DNAT and SNAT like below or just forwarding or both ?

Edit

My case is like this A-B-C, 3 machines. Both A & C in different network. B have two nic one is A's network (eth0) and other in B's network (eth1). I can't set B as the gateway in A nor B.

Below is how this was achieved by iptables on host B: SOLUTION

iptables -t nat -A PREROUTING -p tcp -m tcp ! --dport 22 -j DNAT --to-destination eth1IP

iptables -t nat -A POSTROUTING -p tcp -m tcp -o eth1 -j MASQUERADE

Have excluded port 22 so that SSH traffic is spared from the rules and my ssh to host C works.

linux networking ubuntu iptables nat

share|improve this question

edited Jun 13 '17 at 11:19

SleepyLord

asked Jun 13 '17 at 7:59

SleepyLordSleepyLord

143117

bumped to the homepage by Community♦ 14 mins ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Are those different Ethernet ports using different hardware?
  
  – Biswapriyo
  Jun 13 '17 at 8:15
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  
  Why do you want to do this?
  
  – Seth
  Jun 13 '17 at 8:49
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Both are in different network. A --- B --- C. A and B(eth0) in same network. B(eth1) and C in same network. If A wants to talks to C then it's only possible via B.
  
  – SleepyLord
  Jun 13 '17 at 8:53
  

  
  
  
  

add a comment | 

I have a Ubuntu box with eth0 and eth1.

How can I redirect all the traffic coming from eth0 to eth1 and back?

Should I do DNAT and SNAT like below or just forwarding or both ?

Edit

My case is like this A-B-C, 3 machines. Both A & C in different network. B have two nic one is A's network (eth0) and other in B's network (eth1). I can't set B as the gateway in A nor B.

Below is how this was achieved by iptables on host B: SOLUTION

iptables -t nat -A PREROUTING -p tcp -m tcp ! --dport 22 -j DNAT --to-destination eth1IP

iptables -t nat -A POSTROUTING -p tcp -m tcp -o eth1 -j MASQUERADE

Have excluded port 22 so that SSH traffic is spared from the rules and my ssh to host C works.

linux networking ubuntu iptables nat

share|improve this question

edited Jun 13 '17 at 11:19

SleepyLord

asked Jun 13 '17 at 7:59

SleepyLordSleepyLord

143117

iptables -t nat -A PREROUTING -p tcp -m tcp ! --dport 22 -j DNAT --to-destination eth1IP

iptables -t nat -A POSTROUTING -p tcp -m tcp -o eth1 -j MASQUERADE

share|improve this question

edited Jun 13 '17 at 11:19

SleepyLord

asked Jun 13 '17 at 7:59

SleepyLordSleepyLord

143117

share|improve this question

edited Jun 13 '17 at 11:19

SleepyLord

asked Jun 13 '17 at 7:59

SleepyLordSleepyLord

143117

asked Jun 13 '17 at 7:59

SleepyLordSleepyLord

143117

asked Jun 13 '17 at 7:59

SleepyLordSleepyLord

143117

1 Answer
1

active

oldest

votes

0

Provided the netmasks are correct and do not overlap, you do not need to use DNAT or SNAT, you simply need to ensure that:

1. Each computer has a default gateway set through the Linux box, or has a route to the other network via the Linux box.




2. The Linux box has forwarding enabled – uncomment net.ipv4.ip_fortward in /etc/sysctl.conf and reboot (or echo 1 > /proc/sys/net/ipv4/ip_forward to do it temporarily).




3. Ensure the firewall allows forwarding (iptables -vnL and check that the FORWARDING rule has no chains and is set to default ACCEPT). This is, I believe the default.

share|improve this answer

edited Jun 13 '17 at 11:27

Kamil Maciorowski

28.5k156187

answered Jun 13 '17 at 10:58

davidgodavidgo

44.4k75292

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I can't change the default gateway in other machine.
  
  – SleepyLord
  Jun 13 '17 at 11:11
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Why not bridge eth0 and eth1 so they appear as a single network?
  
  – davidgo
  2 mins ago
  

  
  
  
  

add a comment | 

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1218731%2fhow-to-redirect-all-traffic-in-eth0-to-eth1-and-back%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

0

Provided the netmasks are correct and do not overlap, you do not need to use DNAT or SNAT, you simply need to ensure that:

1. Each computer has a default gateway set through the Linux box, or has a route to the other network via the Linux box.




2. The Linux box has forwarding enabled – uncomment net.ipv4.ip_fortward in /etc/sysctl.conf and reboot (or echo 1 > /proc/sys/net/ipv4/ip_forward to do it temporarily).




3. Ensure the firewall allows forwarding (iptables -vnL and check that the FORWARDING rule has no chains and is set to default ACCEPT). This is, I believe the default.

share|improve this answer

edited Jun 13 '17 at 11:27

Kamil Maciorowski

28.5k156187

answered Jun 13 '17 at 10:58

davidgodavidgo

44.4k75292

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I can't change the default gateway in other machine.
  
  – SleepyLord
  Jun 13 '17 at 11:11
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Why not bridge eth0 and eth1 so they appear as a single network?
  
  – davidgo
  2 mins ago
  

  
  
  
  

add a comment | 

0

Provided the netmasks are correct and do not overlap, you do not need to use DNAT or SNAT, you simply need to ensure that:

1. Each computer has a default gateway set through the Linux box, or has a route to the other network via the Linux box.




2. The Linux box has forwarding enabled – uncomment net.ipv4.ip_fortward in /etc/sysctl.conf and reboot (or echo 1 > /proc/sys/net/ipv4/ip_forward to do it temporarily).




3. Ensure the firewall allows forwarding (iptables -vnL and check that the FORWARDING rule has no chains and is set to default ACCEPT). This is, I believe the default.

share|improve this answer

edited Jun 13 '17 at 11:27

Kamil Maciorowski

28.5k156187

answered Jun 13 '17 at 10:58

davidgodavidgo

44.4k75292

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I can't change the default gateway in other machine.
  
  – SleepyLord
  Jun 13 '17 at 11:11
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Why not bridge eth0 and eth1 so they appear as a single network?
  
  – davidgo
  2 mins ago
  

  
  
  
  

add a comment | 

Provided the netmasks are correct and do not overlap, you do not need to use DNAT or SNAT, you simply need to ensure that:

1. Each computer has a default gateway set through the Linux box, or has a route to the other network via the Linux box.




2. The Linux box has forwarding enabled – uncomment net.ipv4.ip_fortward in /etc/sysctl.conf and reboot (or echo 1 > /proc/sys/net/ipv4/ip_forward to do it temporarily).




3. Ensure the firewall allows forwarding (iptables -vnL and check that the FORWARDING rule has no chains and is set to default ACCEPT). This is, I believe the default.

share|improve this answer

edited Jun 13 '17 at 11:27

Kamil Maciorowski

28.5k156187

answered Jun 13 '17 at 10:58

davidgodavidgo

44.4k75292

share|improve this answer

edited Jun 13 '17 at 11:27

Kamil Maciorowski

28.5k156187

answered Jun 13 '17 at 10:58

davidgodavidgo

44.4k75292

edited Jun 13 '17 at 11:27

Kamil Maciorowski

28.5k156187

edited Jun 13 '17 at 11:27

Kamil Maciorowski

28.5k156187

answered Jun 13 '17 at 10:58

davidgodavidgo

44.4k75292

answered Jun 13 '17 at 10:58

davidgodavidgo

44.4k75292