Skip to content
Bots!
Bots!
  • About
    • Myself
    • আমার দোয়া
  • Bookmarks
    • Bookmarks
    • My OCI Bookmarks
    • Useful Proxmox Commands & Links
    • Learning Nano
    • Useful Sites
    • Useful Virtualbox Command
    • Useful MySQL Command
    • Useful Linux Command
    • BTT-CAS
  • Resources
    • Webinar on Cloud Adoption for Project Managers
  • Photos
  • Videos
  • Downloads
Bots!

Creating 1:1 NAT using iptables

Rumi, June 8, 2024

Its a POC where I needed a 1:1 NAT using  Linux iptables. I used 2 Debian 11 OS for this and here’s the machine IP plans-

  • VM-1: IPTables/NAT Router- 123.45.67.5/24, 123.45.67.6/24 and 192.168.10.5/24
  • VM-2: Backend Server- 192.168.10.6/24 (this VM’s gateway will be 192.168.10.5

On VM-1

Uninstall nftables and its Dependencies

IPtables is being replaced by nftables starting with Debian 10 Buster. Debian 11 comes with nftables framework. To install iptables first we need uninstall nftables and its dependencies. SSH into your server and run the next commands:

# apt-get remove --auto-remove nftables
# apt-get purge nftables

Install IPtables in Debian 11

# apt-get update
# apt-get install iptables

Now we can check the iptables status and list rules. For list all the rules we will use option -L.

Run command:

# iptables -L -v

You will see the output:

As you see on the screenshot just installed iptables firewall and it works. But all chains (INPUT, FORWARD, OUTPUT) are set to ACCEPT, and we have no security rules configured.

Clear Iptables Rules: То clear iptables rules (open all ports) use the following command sequence:

# iptables -P INPUT ACCEPT
# iptables -F
# iptables -X

Once iptables is installed, we configure it as NAT gateway by allow ip_forward_v4 and route all traffic using iptables firewall rule. This is something, which I’m not going to cover.

Now, we’ll apply iptables one-to-one NAT rules-

iptables -t nat -A POSTROUTING -s 192.168.10.6 -o eth0 -j SNAT --to-source 123.45.67.6
iptables -t nat -A PREROUTING -d 123.45.67.6 -i eth0 -j DNAT --to-destination 192.168.10.6

Now save iptables rule permanently-

sudo sh -c '/sbin/iptables-save > /etc/iptables.up.rules'

On VM-2: Install an NGINX server

We’ll install an nginx server to test the status of the 1:1 Nat policy. Once installation is done, we’ll hit-

http://123.45.67.6

and nginx page will appear. it means, the backend server with the private ip 192.168.10.6 is 1:1 mapped with its public ip 123.45.67.6

Administrations Configurations (Linux) 1:1 NATiptables

Post navigation

Previous post
Next post

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Myself…

Hi, I am Hasan T. Emdad Rumi, an IT Project Manager & Consultant, Virtualization & Cloud Savvyfrom Dhaka, Bangladesh. I have prior experience in managing numerous local and international projects in the area of Telco VAS & NMC, National Data Center & PKI Naitonal Root and CA Infrastructure. Also engaged with several Offshore Software Development Team.

Worked with Orascom Telecom-Banglalink, Network Elites as VAS partner, BTRC, BTT (Turkey) , Mango Teleservices Limited and Access to Informaiton (A2I-UNDP)

Currently working at Oracle Corporation as Principal Technology Solution and Cloud Architect.

You can reach me [h.t.emdad at gmail.com] and I will be delighted to exchange my views.

Tags

Apache Bind Cacti CentOS CentOS 6 CentOS 7 Debain Debian Debian 10 Debian 11 Debian 12 DKIM Docker endian icinga iptables Jitsi LAMP Letsencrypt Linux Munin MySQL Nagios Nextcloud NFS nginx pfsense php Postfix powerdns Proxmox RDP squid SSH SSL Ubuntu Ubuntu 16 Ubuntu 18 Ubuntu 20 Varnish virtualbox vpn Webmin XCP-NG zimbra

Topics

Recent Posts

  • Install Jitsi on Ubuntu 22.04 / 22.10 April 30, 2025
  • Key Lessons in life April 26, 2025
  • Create Proxmox Backup Server (PBS) on Debian 12 April 19, 2025
  • Add Physical Drive in Proxmox VM Guest April 19, 2025
  • Mount a drive permanently with fstab in Linux April 16, 2025
  • Proxmox 1:1 NAT routing March 30, 2025
  • Installation steps of WSL – Windows Subsystem for Linux March 8, 2025
  • Enabling Nested Virtualization In Proxmox March 8, 2025
  • How to Modify/Change console/SSH login banner for Proxmox Virtual Environment (Proxmox VE / PVE) March 3, 2025
  • Install Proxmox Backup Server on Debian 12 February 12, 2025

Archives

Top Posts & Pages

  • Install Jitsi on Ubuntu 22.04 / 22.10
©2025 Bots! | WordPress Theme by SuperbThemes