I want to forward all packets coming to port 60300 to tun0. Quick scheme:
internet -> myserver:60300 -> tun0myserver -> 10.8.0.1 -> 10.8.0.2.
I wanted to do that with this:
iptables -t mangle -A PREROUTING -i eth0 -p tcp -m multiport --dports 60300 -j ROUTE --oif tun0
then I learned the ROUTE target is a big fat lie so people can laugh at noobs like me.
After a quick search it turned out this is also possible with a mark:
iptables -t mangle -A PREROUTING -i eth0 -p tcp -m multiport --dports 60300 -j MARK --set-mark 1
and the use of iproute2, something like that:
ip rule add fwmark 1 table (nb?)
This is where I struggle. Is there an easier solution? Btw I'm running Debian 6.0 with security updates.
Solution:
iptables -t nat -A PREROUTING -p tcp -i eth0 -d myserver --destination-port 60300 -j DNAT --to 10.8.0.2:60300
iptables -t nat -A PREROUTING -p udp -i eth0 -d myserver --destination-port 60300 -j DNAT --to 10.8.0.2:60300
...
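
Added example, not part of the original post: the DNAT rules above only rewrite the destination, so this script prints them together with what they depend on (IP forwarding, FORWARD rules scoped to this one flow, and an optional MASQUERADE for the return path). The function names and the "masq" switch are made up for this example; eth0, tun0, 10.8.0.2 and 60300 are the values from the post, and matching on -i eth0 instead of -d myserver is an assumption.

```shell
#!/bin/sh
# Added example (not from the original post): print the DNAT forward plus the
# scoped FORWARD rules it depends on. Nothing is applied; review the output,
# then pipe it to `sh` as root. eth0/tun0/10.8.0.2/60300 are the post's values.

valid_if() { case "$1" in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac; }

valid_port() {  # digits only, 1..65535
    case "$1" in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {  # exactly four octets, each 0..255
    case "$1" in ''|*[!0-9.]*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in ''|????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

# usage: gen_rules WAN_IF TUN_IF DEST_IP PORT [masq]   (hypothetical helper)
gen_rules() {
    wan=$1 tun=$2 dst=$3 port=$4 masq=${5:-}
    if ! { valid_if "$wan" && valid_if "$tun" && valid_ipv4 "$dst" && valid_port "$port"; }; then
        echo "gen_rules: invalid interface, address or port" >&2
        return 1
    fi
    # DNAT only rewrites the destination; the kernel must also be routing.
    echo "sysctl -w net.ipv4.ip_forward=1"
    for proto in tcp udp; do
        echo "iptables -t nat -A PREROUTING -i $wan -p $proto --dport $port -j DNAT --to-destination $dst:$port"
        # Needed when the FORWARD policy is DROP: allow this one flow only.
        echo "iptables -A FORWARD -i $wan -o $tun -p $proto -d $dst --dport $port -j ACCEPT"
        # Optional: make replies return via the tunnel when $dst's default
        # route is elsewhere. Cost: $dst sees the tunnel address, not the client.
        if [ "$masq" = masq ]; then
            echo "iptables -t nat -A POSTROUTING -o $tun -p $proto -d $dst --dport $port -j MASQUERADE"
        fi
    done
    echo "iptables -A FORWARD -i $tun -o $wan -s $dst -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
}

gen_rules eth0 tun0 10.8.0.2 60300
```

Without "masq", 10.8.0.2 still sees the real client address, but its replies must be routed back through the tunnel or the connection will not complete.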