iptables -t nat -A PREROUTING -i tun0 -p tcp --dport 80 -j DNAT --to 192.168.0.2:80
iptables -t nat -A POSTROUTING -o tun0 -j SNAT
iptables -A FORWARD -d 192.168.0. -i eth0 -o eth0 -p tcp --dport 3128 -j ACCEPT

iptables -t nat -A PREROUTING -i eth0 -s $ADMIN -d $FW_eth0_ip -p tcp --dport $SSH -j DNAT --to-destination $WEB_eth0_ip
iptables -A FORWARD -i eth0 -o eth1 -p tcp --syn --dport $SSH -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -p tcp --dport $SSH -m conntrack --ctstate ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -p tcp --sport $SSH -m conntrack --ctstate ESTABLISHED -j ACCEPT
iptables -t nat -A POSTROUTING -o eth1 -p tcp --dport $SSH -d $WEB_eth0_ip -j SNAT --to-source $FW_eth1_ip

SPORT=8080
DPORT=80
IF_SRC=tun0
IF_DST=wlan0
IP_SRC=192.168.10.230
IP_DST=192.168.0.2
IP_FWD=192.168.0.99

iptables -t nat -F

iptables -t nat -A PREROUTING -i IF_SRC -p tcp --dport $SPORT -j DNAT --to $IP_DST
iptables -A FORWARD -i $IF_SRC -o $IF_DST -p tcp --dport $SPORT -j ACCEPT
iptables -t nat -A POSTROUTING -o $IF_DST -p tcp --dport $DPORT -d $IP_SRC -j SNAT --to-source $IP_SRC
echo 1 > /proc/sys/net/ipv4/ip_forward


tcpdump -i wlan0 -n not port 22 and not port 1194

• Linux
• Apache HTTPd
• Asterisk (VoIP)
• Email
• Linux Mint
• LXC & PXE boot
• MariaDB (SQL)
• OpenVPN
• Raspberry Pi
• Samba (CIFS)
• SSH
• Subversion
• WebDAV
• Mcu
• Arduino
• OLED / LCD displays
• ESP8266 (WLAN)
• Pilot
• RF433MHz
• Sensor
• STM32 (ARM)
• Misc
• KernelModule
• Lab
• Time
• Verne
• Network
• Iptables
• Lan To Wlan
• Lan
• Multicast
• Network Crypt
• Router
• Wlan