Hi,
How do I make NAT rules persistent in Promox? (36.X.X.X to hide real IP)
I have tried adding these rules in /etc/network/interfaces which doesn't work:
It works fine if I enter enter these in ssh:
Also fine in crontab -e:
What am I doing wrong? It doesn't work in '/etc/network/interfaces' I would prefer these rules so I can restart iptables or networking without PVE reboot to update rules.
How do I make NAT rules persistent in Promox? (36.X.X.X to hide real IP)
I have tried adding these rules in /etc/network/interfaces which doesn't work:
Code:
post-up iptables -t nat -A PREROUTING -p tcp --dport 51005 -d 36.X.X.X -j DNAT --to-destination 172.16.12.205:3389
post-up iptables -t nat -A POSTROUTING -p tcp --sport 3389 -s 172.16.12.205 -j SNAT --to-source 36.X.X.X:51005It works fine if I enter enter these in ssh:
Code:
iptables -t nat -A PREROUTING -p tcp --dport 51005 -d 36.X.X.X -j DNAT --to-destination 172.16.12.205:3389
iptables -t nat -A POSTROUTING -p tcp --sport 3389 -s 172.16.12.205 -j SNAT --to-source 36.X.X.X:51005Also fine in crontab -e:
Code:
@reboot iptables -t nat -A PREROUTING -p tcp --dport 51005 -d 36.X.X.X -j DNAT --to-destination 172.16.12.205:3389
@reboot iptables -t nat -A POSTROUTING -p tcp --sport 3389 -s 172.16.12.205 -j SNAT --to-source 36.X.X.X:51005What am I doing wrong? It doesn't work in '/etc/network/interfaces' I would prefer these rules so I can restart iptables or networking without PVE reboot to update rules.
Last edited:
