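# Forum post by buckprivate, posted February 12, 2010.
#
# For NATing specific LAN IPs, use an instruction set like this.
# --- cut here ---
# MASQ (SNAT) internal traffic:
EXT_IP=$(cat /etc/firewall/EXT_IP)   # File holding your external (WAN) IP
HARD=192.168.1.9                     # Put your LAN IP here
# IFE (the external interface name) is not defined in this snippet. Stop here
# rather than hand iptables an empty -o argument or an empty SNAT address.
: "${IFE:?set IFE to your external (WAN) interface}"
: "${EXT_IP:?/etc/firewall/EXT_IP is missing or empty}"
# This switch turns on routing between all interfaces, not only for HARD.
# NOTE(review): what actually gets forwarded is decided by the FORWARD chain;
# its policy is not shown here - confirm it defaults to DROP.
echo 1 >/proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o "$IFE" -s "$HARD" -j SNAT --to "$EXT_IP"
# --- cut here ---
#
# To allow a specific computer to accept incoming torrent connections, use an
# instruction set like this.
# --- cut here ---
# /usr/sbin/Torrent_to_hard
# This allows access to computer HARD when incoming torrents connect to
# my external IP.
# Beware line wrap: every iptables command must stay one logical line (the
# trailing backslashes below continue a command onto the next line).
#
# Usage: Torrent_to_hard      - remove the forwarding rules
#        Torrent_to_hard up   - remove, then re-insert the forwarding rules
BT_PORT=24664                        # Make sure this matches your BT settings
EXT_IP=$(cat /etc/firewall/EXT_IP)   # File holding your external (WAN) IP
HARD=192.168.1.9                     # Put your LAN IP here
: "${EXT_IP:?/etc/firewall/EXT_IP is missing or empty}"

echo "Pass parameter 'up' to activate."
echo "EXT_IP IP $EXT_IP; HP IP $HARD."

# Apply one iptables operation ($1: -D to delete, -I to insert) to every rule
# of the torrent forward, so that tear-down and set-up cannot drift apart.
# The original spelled the port as the literal word BT_PORT (missing "$"),
# which iptables cannot resolve to a port; the tear-down hid that error
# because its output is discarded.
bt_rules() {
  # DNAT the configured torrent port to HARD.
  for proto in udp tcp; do
    iptables -t nat "$1" PREROUTING -p "$proto" -d "$EXT_IP" \
      --dport "$BT_PORT" -j DNAT --to "$HARD:$BT_PORT"
  done
  # Fold the 6881:6999 range onto the same single port on HARD.
  for proto in udp tcp; do
    iptables -t nat "$1" PREROUTING -p "$proto" -d "$EXT_IP" \
      --dport 6881:6999 -j DNAT --to "$HARD:$BT_PORT"
  done
  # Let the translated packets through the FORWARD chain.
  # NOTE(review): this accepts unsolicited connections from any source
  # address to HARD:$BT_PORT; run the script without "up" to close it again
  # when the torrent client is not in use.
  for proto in udp tcp; do
    iptables "$1" FORWARD -p "$proto" -d "$HARD" --dport "$BT_PORT" -j ACCEPT
  done
}

# Tear down. Errors are discarded on purpose: the rules may not exist yet.
bt_rules -D >/dev/null 2>&1

if [ "${1:-}" = "up" ]; then
  # Set up
  bt_rules -I
fi
# --- cut here ---
#
# If you still have problems, consider adding the following 2 lines.
# --- cut here ---
# Accept packets sent by HARD on connections conntrack already tracks as
# ESTABLISHED, restricted to unprivileged ports on both ends. HARD must be
# set as in the snippets above.
iptables -A FORWARD -s "$HARD" -p tcp -m state --state ESTABLISHED \
  --sport 1024:65535 --dport 1024:65535 -j ACCEPT
iptables -A FORWARD -s "$HARD" -p udp -m state --state ESTABLISHED \
  --sport 1024:65535 --dport 1024:65535 -j ACCEPT
# --- cut here ---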