hardware:gatewaynetflow
Differences
This shows you the differences between two versions of the page.
hardware:gatewaynetflow [2019/01/03 18:28] – [Useful commands] veera | hardware:gatewaynetflow [2019/01/07 11:45] (current) – [How to redirect Netflow to Trisul across network segments using NAT] veera | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== How to redirect Netflow to Trisul across network segments using NAT ====== | ====== How to redirect Netflow to Trisul across network segments using NAT ====== | ||
- | In some customers, Trisul is on a separate segment from the production routers. These sites often have a gateway device that be be used to access. | + | In some customers, Trisul is often deployed |
{{: | {{: | ||
- | This HOWTO explains how to use Linux IPTABLES NAT to move between | + | This HOWTO explains how to use Linux IPTABLES NAT to solve the issue. |
+ | < | ||
===== IPTABLES Port based NAT ===== | ===== IPTABLES Port based NAT ===== | ||
- | On the gateway device you just need to run the following commands, say you want to move port 2055 to a particular IP. | + | **On the gateway device** you just need to run the following commands, say you want to move port 2055 to a particular IP. |
==== Shutdown ufw or disable firewalld ==== | ==== Shutdown ufw or disable firewalld ==== | ||
+ | since we are working directly with iptables. | ||
< | < | ||
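Review bot: Under "Shutdown ufw or disable firewalld", the added line "since we are working directly with iptables." gives a reason for switching the host firewall off but does not say what filters traffic on the gateway afterwards. Suggest stating which iptables INPUT and FORWARD rules take over, or how to add the NAT rule through ufw or firewalld instead of disabling them. The fragment should also be folded into a full sentence, since it starts in lowercase directly under the heading. In the intro, "In some customers, Trisul is often deployed" doubles up "some" and "often"; keep one.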
Line 22: | Line 24: | ||
# Make sure ip forwarding is enabled in kernel | # Make sure ip forwarding is enabled in kernel | ||
- | echo 1 > / | + | echo 1 > / |
</ | </ | ||
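Review bot: The `echo 1 >` write under "Make sure ip forwarding is enabled in kernel" only changes the running kernel, so forwarding is off again after the gateway reboots and the redirect stops without any error. Suggest documenting the persistent form next to it: `net.ipv4.ip_forward = 1` in /etc/sysctl.conf, applied with `sysctl -p`.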
Line 32: | Line 34: | ||
< | < | ||
$ iptables -t nat -A PREROUTING -p udp --dport 2055 -j DNAT --to-destination 10.10.10.17: | $ iptables -t nat -A PREROUTING -p udp --dport 2055 -j DNAT --to-destination 10.10.10.17: | ||
- | $ iptables -t nat -A POSTROUTING -j MASQUERADE | ||
</ | </ | ||
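Review bot: Dropping `iptables -t nat -A POSTROUTING -j MASQUERADE` needs a sentence of explanation in the page text. That rule had no interface or protocol match, so it rewrote the source address of everything the gateway forwarded; with it gone, the flow packets reach 10.10.10.17 carrying the router's own source address. Say so here, and tell readers who applied the earlier revision to delete the rule with `iptables -t nat -D POSTROUTING -j MASQUERADE`. The remaining PREROUTING rule, as far as it is shown, also has no `-i` or `-s` match, so any host that can reach the gateway on UDP 2055 is forwarded to the collector; consider restricting it to the routers' interface or subnet.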
Line 39: | Line 40: | ||
+ | <note important> | ||
+ | </ | ||
==== Useful commands ==== | ==== Useful commands ==== | ||
Line 47: | Line 50: | ||
'' | '' | ||
==== Reference ==== | ==== Reference ==== | ||
- | |||
- | How to redirect incoming traffic on a port to another IP https:// | ||
- | |||
+ | Forwarding and NAT with IPTABLES : Redhat https:// |
hardware/gatewaynetflow.1546520296.txt.gz · Last modified: 2019/01/03 18:28 by veera