If you are using modern RedHat kernels, you have already have Port
Forwarding included as a module. To install it run:
modprobe ip_masq_portfw.o
If you use other distributions, you'll need to compile a new kernel with Port Forwarding support. You'll need to include the following options:
CONFIG_EXPERIMENTAL CONFIG_IP_MASQUERADE CONFIG_IP_MASQUERADE_IPPORTFW
If you're not familiar with compiling and installing kernels, read the Kernel HOWTO.
Before attempting to setup Port forwarding, set up and use IP Masquerading. Until it's enabled with ipportfw, Port forwarding will not affect IP Masquerading in any way. You can find more information about masquerading in the Masquerading HOWTO. The IP Chains HOWTO is also useful.
To configure redirection of a local port (local refers to the machine
running the masquerading), you need to use ipportfw. It's options can be
described as:
ipmasqadm portfw -h
Usage: portfw -a -P PROTO -L LADDR LPORT -R RADDR RPORT [-p PREF] add entry
portfw -d -P PROTO -L LADDR LPORT [-R RADDR RPORT] delete entry
portfw -f clear table
portfw -l list table
portfw {args} -n no names
PROTO is the protocol, can be "tcp" or "udp"
LADDR is the local interface receiving packets to be forwarded.
LPORT is the port being redirected.
RADDR is the remote address.
RPORT is the port being redirected to.
PREF is the preference level (load balancing, default=10)
Need an Example. OK...
ipchains -P forward DENY
ipchains -A forward -i ppp0 -j MASQ
echo 1 > /proc/sys/net/ipv4/ip_forward
#this will clear all previous port forward rules
ipmasqadm portfw -f
#this will redirect all web conections (port 80) to you intenal server (using the tcp protocal (proto))
ipmasqadm portfw -a -P tcp -L 194.160.1.1 80 -R 10.10.0.2 80
#this will redirect timed connections
ipmasqadm portfw -a -P udp -L 194.160.1.1 525 -R 10.0.0.2 525
ipmasqadm portfw -l
prot localaddr rediraddr lport rport pcnt pref
TCP guardian tricord www www 6 10
UPD guardian tricord time time 10 10