![]() To view the port 37777 tcp is enough, if there are many cameras behind the router, then you can forward the ports 37779 tcp, 37979 tcp, etc., while the ports must be changed to the same ones on the cameras. To Addresses: 192.168.88.1 (internal router ip)įor example, to DVR Dahua you need to forward ports: 80 tcp, 554 tcp, 37777 tcp, 37778 udp. So one rule only is needed: iptables -t nat -A PREROUTING -d 192.168.55.0/24 -i eth0 -j NETMAP -to 192.168.42. It can only be used from rules in the nat table. Address: 192.168.88.0/24 (internal network) From man iptables-extensions: NETMAP This target allows you to statically map a whole network of addresses onto another network of addresses. Add new routing table and insert static route where: Interface is LAN Target is remote IPsec virtual network Gateway is LAN IP Then create IP rule and specify lookup table. To access the external IP of the router from the local network, you need to add two more rules. To have permanent static route navigate to WebUI -> Network -> Routing -> Advanced static routes. I will give several examples of ports: 3389/tcp – remote desktop, 80/tcp – web server, 23/tcp – telnet, 161/udp – snmp, 22/tcp – SSH, 1433/tcp – MS SQL Server, etc. To Addresses: the IP address of the network device/computer within the network from which you want to forward ports, for example 192.168.88.250 ![]() interface: the incoming interface on which the above port is listening, for example “ether1-gateway”. Iptables passes packets from the network layer up, without mac layer. same data link type as the xtables match. Port: destination port that will be visible from the outside (1 – 65535). iptables -A OUTPUT -m bpf -bytecode 'nfbpfcompile RAW ip proto 6' -j ACCEPT Or use tcpdump -ddd. Chain: dstnat (means that the connection will go from the external network to the internal).ĭst.
0 Comments
Leave a Reply. |