You are not logged in.
- Topics: Active | Unanswered
#1 2019-05-11 02:13:35
- graysky
- Wiki Maintainer
- From: :wq
- Registered: 2008-12-01
- Posts: 10,597
- Website
Using UFW and need to add a few custom iptables commands [SOLVED]
I would like to add the following iptables lines to UFW so I don't have to use an external script to call them but am unclear how to do it:
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 53 -j DNAT --to-destination 10.0.3.200:53
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 80 -j DNAT --to-destination 10.0.3.200:80It seems UFW has some files (/etc/ufw/before.rules) for this purpose but I am unclear on the syntax for this specific example. Thanks!
Last edited by graysky (2019-05-11 11:11:35)
CPU-optimized Linux-ck packages @ Repo-ck • AUR packages • Zsh and other configs
Offline
#2 2019-05-11 03:20:51
- jasonwryan
- Anarchist
- From: .nz
- Registered: 2009-05-09
- Posts: 30,424
- Website
Re: Using UFW and need to add a few custom iptables commands [SOLVED]
man ufw-framework has an examples section that describes the syntax for the .rules files. You can also read the rules files that ship with ufw in /etc/ufw/
The rules that you want to translate will work almost as is.
Offline
#3 2019-05-11 11:11:23
- graysky
- Wiki Maintainer
- From: :wq
- Registered: 2008-12-01
- Posts: 10,597
- Website
Re: Using UFW and need to add a few custom iptables commands [SOLVED]
Thanks for the tip for that man page... got exactly what I wanted:
/etc/ufw/before.rules
...
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p udp --dport 53 -j DNAT --to-destination 10.0.3.200:53
-A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 10.0.3.200:80
COMMITCPU-optimized Linux-ck packages @ Repo-ck • AUR packages • Zsh and other configs
Offline