1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Multiple source addresses in port forward rules?

Discussion in 'Tomato Firmware' started by barkmann, Feb 4, 2008.

  1. barkmann

    barkmann Network Guru Member

    any way you can have more than one allowable source IP address in port forward rules? I want to use 3 that are completely different subnets.

    cheers
     
  2. HennieM

    HennieM Network Guru Member

    If you set up your iptables rules manually, you can use whatever addresses you like.
     
  3. barkmann

    barkmann Network Guru Member

    ok, so I should add something like this to the firewall script for each instance (where x.x.x.x is the allowed WAN IP)?

    iptables -A PREROUTING -t nat -i vlan1 -p tcp --source x.x.x.x \
    --dport 21 -j DNAT --to 192.168.1.3:21

    cheers
     
  4. HennieM

    HennieM Network Guru Member

    Something like that yes. I'm not 100% on the exact syntax, but you've got the idea. Play around with different syntax a bit if iptables don't like that.
     

Share This Page