hardware:gatewaynetflow
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| hardware:gatewaynetflow [2019/01/03 18:34] – [Reference] veera | hardware:gatewaynetflow [2019/01/07 11:45] (current) – [How to redirect Netflow to Trisul across network segments using NAT] veera | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== How to redirect Netflow to Trisul across network segments using NAT ====== | ====== How to redirect Netflow to Trisul across network segments using NAT ====== | ||
| - | In some customers, Trisul is on a separate segment from the production routers. These sites often have a gateway device that be be used to access. | + | In some customers, Trisul is often deployed |
| {{: | {{: | ||
| - | This HOWTO explains how to use Linux IPTABLES NAT to move between | + | This HOWTO explains how to use Linux IPTABLES NAT to solve the issue. |
| + | < | ||
| ===== IPTABLES Port based NAT ===== | ===== IPTABLES Port based NAT ===== | ||
| - | On the gateway device you just need to run the following commands, say you want to move port 2055 to a particular IP. | + | **On the gateway device** you just need to run the following commands, say you want to move port 2055 to a particular IP. |
| ==== Shutdown ufw or disable firewalld ==== | ==== Shutdown ufw or disable firewalld ==== | ||
| Line 23: | Line 24: | ||
| # Make sure ip forwarding is enabled in kernel | # Make sure ip forwarding is enabled in kernel | ||
| - | echo 1 > / | + | echo 1 > / |
| </ | </ | ||
| Line 32: | Line 33: | ||
| < | < | ||
| - | $ iptables -t nat -A PREROUTING -p udp \ | + | $ iptables -t nat -A PREROUTING -p udp --dport 2055 -j DNAT --to-destination 10.10.10.17: |
| - | | + | |
| </ | </ | ||
hardware/gatewaynetflow.1546520644.txt.gz · Last modified: 2019/01/03 18:34 by veera