December 22, 2022 Roberto Puzzanghera 0 comments
Here is a quick example of a natting tool, that you can use to NAT between your host and your containers network. It calls nftables
rather than the obsolete iptables
.
It is very comprehensible and there's no need of further comment. Just add lines like this at the end for each service that you want to NAT to a particular IP:
nat $PORT $IP "Natting service on port $PORT towards IP $IP..."
Here is a view of the scriptlet:
#!/bin/bash NFT="/usr/sbin/nft" VNET="10.0.0.0/24" HTTPS_IP=10.0.0.1 HTTPS_PORT=443 SMTP_IP=10.0.0.2 SMTP_PORT=25 NS_IP=10.0.0.3 NS_PORT=53 ########################################################################## # Flush nat table $NFT delete table ip nat # Create tables and chains $NFT add table ip nat $NFT 'add chain ip nat PREROUTING { type nat hook prerouting priority 0; }' # Usage: nat $PORT $DESTINATION_IP $MESSAGE nat() { if [ -z "$3" ]; then echo "Missing Message" exit 1 else echo $3 fi if [ -z "$1" ]; then echo "Missing PORT" exit 1 fi if [ -z "$2" ]; then echo "Missing destination IP" exit 1 fi $NFT add rule ip nat PREROUTING ip saddr != $VNET tcp dport $1 counter dnat to $2 $NFT add rule ip nat PREROUTING ip saddr != $VNET udp dport $1 counter dnat to $2 } ##################################################################################### # HTTPS nat $HTTPS_PORT $HTTPS_IP "Natting https port $HTTPS_PORT to $HTTPS_IP..." # SMTP nat $SMTP_PORT $SMTP_IP "Natting smtp port $SMTP_PORT to $SMTP_IP..." # NS nat $NS_PORT $NS_IP "Natting named port $NS_PORT to $NS_IP..."
Remember to start the ip forwarding on your system. On Slackware you have to activate the x
flag of /etc/rc.d/rc.ip_forward.
qq_temporary_problem_(#4.3.0)
June 2, 2023 06:32
qq_temporary_problem_(#4.3.0)
June 1, 2023 21:18
qq_temporary_problem_(#4.3.0)
May 31, 2023 18:22
qq_temporary_problem_(#4.3.0)
May 31, 2023 14:42
qq_temporary_problem_(#4.3.0)
May 31, 2023 14:33
Thank you! for all the documentation, patches and support
May 26, 2023 08:42
free(): double free detected in tcache 2: /var/www/qmail/cgi-bin/qmailadmin
May 17, 2023 15:25
free(): double free detected in tcache 2: /var/www/qmail/cgi-bin/qmailadmin
May 17, 2023 07:46
Tags
apache clamav dkim dovecot ezmlm fail2ban hacks lamp letsencrypt linux linux-vserver lxc mariadb mediawiki mozilla mysql openboard owncloud patches php proftpd qmail qmail to postfix qmail-spp qmailadmin rbl roundcube rsync sieve simscan slackware solr spamassassin spf ssh ssl surbl tcprules tex ucspi-tcp vpopmail vqadmin