Atlas_Server/atlas-dedicated-server
1
0
Fork 0
mirror of https://github.com/Kadigan/atlas-dedicated-server.git synced 2024-08-30 17:32:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update NAT reflection (hairpinning, loopback etc.).md

Browse Source
This commit is contained in:
Kadigan 2020-02-13 19:35:26 +01:00 committed by GitHub
parent 7ed1daaa15
commit febd308aa8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Documentation/NAT reflection (hairpinning, loopback etc.).md
View File

@ -13,10 +13,10 @@ What you have to do is make sure your router redirects requests from _inside_ y
------------------------------------------ ------------------------------------------
If you happen to be running `iptables` however, here's a line to get you started: If you happen to be running `iptables` however, here's a line to get you started:
`iptables -t nat -A PREROUTING -i ! YOUR-WAN-INTERFACE -s LAN-NETWORK -d PUBLIC-IP -p tcp --dport PORT -j DNAT --to-destination LAN-SERVER-ADDRES` `iptables -t nat -A PREROUTING ! -i YOUR-WAN-INTERFACE -s LAN-NETWORK -d PUBLIC-IP -p tcp --dport PORT -j DNAT --to-destination LAN-SERVER-ADDRES`
Explanation: Explanation:
- `-i ! YOUR-WAN-INTERFACE` is there to make sure you don't accidentally include traffic from the Internet - the traffic we want to modify is handled within the router itself (and also, it never hurts to prevent spoofing) - `! -i YOUR-WAN-INTERFACE` is there to make sure you don't accidentally include traffic from the Internet - the traffic we want to modify is handled within the router itself (and also, it never hurts to prevent spoofing)
- `-s LAN-NETWORK` defines your LAN's network pool - for example `-s 10.0.0.0/8` - this is to make sure you're only affecting traffic originating from your local LAN - `-s LAN-NETWORK` defines your LAN's network pool - for example `-s 10.0.0.0/8` - this is to make sure you're only affecting traffic originating from your local LAN
- `-d PUBLIC-IP` line tells it to look for traffic that has a _destination_ of your public IP address - `-d PUBLIC-IP` line tells it to look for traffic that has a _destination_ of your public IP address
- `--dport PORT` is the port you wish to affect, and - `--dport PORT` is the port you wish to affect, and