Port forwarding from Local to Internet


(Serg) #1

Hello. How can i do port forwarding FROM LOCAL to INTERNET. E.g. RDP can’t work through non transparent proxy, I need connect from local net to Internet over RDP. Standart port forwarding in Nethserver work only from Inet to local.


(Michele Bortolotto) #2

Outgoing traffic is not filered by default i think


(Serg) #3

I need e.g.:
If i connect from local address (192.168.0.x) on LAN(Green) interface on port 3389, then proxy MUST forward me to SomeINTERNETAddress:SomePort. How i can do it?
By default NS can’t forward connection from Green zone to Red. It can forward only from Red to Green. See screenshot.


(Serg) #4

Really nobody knows how to resolve this problem?


(Michele Bortolotto) #5

i really don’t understand what you are trying to do :smiley:


(Serg) #6

I fix my previous post with image. See it. Thank you.


(Filippo Carletti) #7

Connections originating from the LAN are allowed by default:
http://docs.nethserver.org/en/latest/firewall.html#policy
You may have added a rule to block traffic, see firewall.log and check for rejected or dropped connections.


(Serg) #8

Problem solved. I make custom template, because webUI not support this forwarding type.

mkdir -p /etc/e-smith/templates-custom/etc/shorewall/rules

echo "DNAT:info      loc:192.168.x.x      net:94.181.x.x:3389  tcp  3389" > /etc/e-smith/templates-custom/etc/shorewall/rules/myshorewallrule

(Filippo Carletti) #9

I can read the template, but I still can’t understand the purpose.
If your pc 192.168.x.x tries to connect to servers on 3389 you redirect it to a special public ip address?


(Serg) #10

Yes. Some programs can’t work with proxy. For such programs we set connection to proxy, and proxy redirects which we need.
Or if i want redirect some proxy-user to some infopage on gw-localhost webserver.


(Serg) #11

There is screenshot from other proxy with flexible port forwarding settings