Hardware Reference
In-Depth Information
Discussion
Whenever a device connects to another device on the Internet, two numbers are needed: the
IP address
(
192.168.7.2
for example) and the
port
number. If you are using SSH to
connect, it defaults to port
22
; if it's a web browser, it uses port
80
(or
443
if it's encryp-
ted); and so on. You can even write your own program to listen on a given port. The
iptables
command given here says to take any requests to connect to port 1080
(
--dport 1080
) on
137.112.41.35
and forward them to
192.168.7.2
, port
80
.
It's now as if the request were made to connect to 192.168.7.2 instead.
WARNING
Be careful, you've now exposed your Bone to the world. Anyone from the outside can access
your Bone. See
Recipe 5.14
for setting up a firewall to limit which IP addresses can access
your Bone.
If you change your mind about the port forwarding, switching the
-A
to
-D
will delete the
entry and stop the forwarding. Rebooting will also stop the forwarding.
host$
sudo iptables -t nat -D PREROUTING -p tcp -s 0/0 \
-d 137.112.41.35 --dport 1080 -j DNAT --to 192.168.7.2:80
