Port Forwarding

[trentreznor321]

I am trying to forward a few ports through my wifi pineapple to one of the devices connected to it. The pineapple is connected to the internet on eth1 with ip 10.0.1.155, and sharing internet access through the built in wifi. The device I am trying to open the ports to is connected to the pineapples wifi with ip 172.16.42.231 on br-lan. could someone help me this the commands I need to open some ports to this device?

[no42]

You might want to read up on: Iptables & Port Forwading

http://www.cyberciti.biz/faq/linux-port-redirection-with-iptables/

[trentreznor321]

I have tried forwarding port 9092 to IP 174.16.42.231 with iptables -t nat -I PREROUTING --src 0/0 --dst 174.16.42.231 -p tcp --dport 9092 -j REDIRECT --to-ports 9092 but it still does not forward it. Am I missing something?

[scorpionsting6x3]

Hey trentreznor321,

I wonder if you're trying to do what I am. My pineapple is connected to an access point, which is forwarding information to my router through the LAN. Have you tried the setting up DMZ on the original router to forward all incoming information from the internet to your pineapple? this solved my problems

Edited January 2, 2014 by scorpionsting6x3

[scorpionsting6x3]

Hey trentreznor321,

I got all my stuff working. try this code for you:

iptables -t nat -A PREROUTING -p tcp -d 10.0.1.155 --dport 9092 -j DNAT --to 172.16.42.231:9092

iptables -A INPUT -i eth1 -p tcp --dport 9092 -m --state NEW,ESTABLISHED -j ACCEPT

iptables -A OUTPUT -o br-lan -p tcp --sport 9092 -m state ESTABLISHED -j ACCEPT

It won't be there when you reboot so feel free, if it works, to throw the code in the wps box so you don't have to re-enter it all. Hope it works bud

[scorpionsting6x3]

trentreznor321

sry for so many responses, but i know this was a big issue for me and trying to get to work so i thought i'd share my final little wps button script.

My setup can be connected to any cracked access point. The only thing that needs to be enabled on the AP is either all your ports forwarding, or a DMZ setting with the server set to the pineapple's ip address (in this case 192.168.1.2)

I am forwarding ports 32400,5000,80 and 21 through the pineapple to my router from wlan0 to br-lan

This is my setup so you know what things are and can change them for your situation:

[NAS Server]--(LAN 192.168.1.6)--[My Router]--(LAN br-lan 172.16.42.182)--[Pineapple]--(wlan0 192.168.1.2)--[Any access point]

My little script:

iptables -t nat -A PREROUTING -p tcp -d 192.168.1.2 --dport 32400 -j DNAT --to 172.16.42.182:32400
iptables -t nat -A PREROUTING -p tcp -d 192.168.1.2 --dport 5000 -j DNAT --to 172.16.42.182:5000
iptables -t nat -A PREROUTING -p tcp -d 192.168.1.2 --dport 80 -j DNAT --to 172.16.42.182:80
iptables -t nat -A PREROUTING -p tcp -d 192.168.1.2 --dport 21 -j DNAT --to 172.16.42.182:21
iptables -t nat -A PREROUTING -p udp -d 192.168.1.2 --dport 32400 -j DNAT --to 172.16.42.182:32400
iptables -t nat -A PREROUTING -p udp -d 192.168.1.2 --dport 5000 -j DNAT --to 172.16.42.182:5000
iptables -t nat -A PREROUTING -p udp -d 192.168.1.2 --dport 80 -j DNAT --to 172.16.42.182:80
iptables -t nat -A PREROUTING -p udp -d 192.168.1.2 --dport 21 -j DNAT --to 172.16.42.182:21

iptables -A INPUT -i wlan0 -p tcp -m multiport --dports 32400,5000,80,21 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o br-lan -p tcp -m multiport --sports 32400,5000,80,21 -m state --state ESTABLISHED -j ACCEPT
iptables -A INPUT -i wlan0 -p udp -m multiport --dports 32400,5000,80,21 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o br-lan -p udp -m multiport --sports 32400,5000,80,21 -m state --state ESTABLISHED -j ACCEPT

Hope this helps some people out. And if anyone has any reccomendations for my setup I'd like to hear it

Edited January 4, 2014 by scorpionsting6x3