Multiport NAT with a single rule?

cubert · Jul 29, 2008, 4:45 PM

Is it possible to add a single nat rule doing multi ports that are not in a range? I have a class C subnet that gets nated back to about 30 systems.

I would like to create a single NAT rule that forwards pop3,smtp,smtp-alt, Imap, http and https to a lan server. I see where we can do ranges (1000-2000) but I do not see where we can do a list of ports under a single rule.

–--------------------------------------------------------------------------------

Ok I may have found the proper solution. (Aliases) So use to iptables -m porta,portb,portc.

GruensFroeschli · Jul 29, 2008, 5:41 PM

Yes aliases are the solution to your problem.

Unfortunately it's not yet possible to use Aliases in the "Advanced outbound NAT" rules.

cubert · Jul 29, 2008, 6:30 PM

@GruensFroeschli:

Yes aliases are the solution to your problem.

Unfortunately it's not yet possible to use Aliases in the "Advanced outbound NAT" rules.

"Advanced outbound NAT", Ok confussion sets in where once was light..

I see 3 NAT options,, Port Forward, 1:1 and OutBound.

My concerns are with Port Forwarding, Can I use Aliases with port forwarding or is all NATing not able to use Aliases?

GruensFroeschli · Jul 30, 2008, 7:08 AM

You can use aliases in all field with a red background.
So yes you can use aliases in the normal port forwardings.

Advanced outbound NAT is the "outbound" tab.

cubert · Jul 30, 2008, 12:40 PM

@GruensFroeschli:

You can use aliases in all field with a red background.
So yes you can use aliases in the normal port forwardings.

Advanced outbound NAT is the "outbound" tab.

Thanks Gruens