How to port forwarding in dietpi with zerotier

Hi,

I have a Ip-camera in my LAN which I want to access from outside.
Unfortunately my provider do not support IPv4 port forwarding.
So I installed and Raspberry Pi with dietpi and installed Zerotier there.
The Pi has has 2 ip adresses (LAN + Zerotier) .
The Camera is in one Class-C network , together with the internet router and the Raspberry with zerotier.
Ho can I configure the Raspberry to forward the request to the Camera when when I acces the Zerotier via a defined port ?
( for example :
From Zerotier-IP on Port 9555 to Camera-IP on 443 ).
using iptables ?

Kind regards

Try this

  1. Install UFW
# apt install ufw
  1. Put this in the /etc/default/ufw file:
DEFAULT_FORWARD_POLICY='ACCEPT'
  1. You might also need this in the /etc/ufw/sysctl.conf file depending on distro:
net/ipv4/ip_forward=1
  1. Put this in the /etc/ufw/before.rules file:
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp --dport 9555 -j DNAT --to-destination Camera-IP:443
COMMIT
  1. Explicitly allow https traffic with the camera:
# ufw route allow in to Camera-IP port 443 proto tcp
  1. Restart UFW
# ufw disable
# ufw enable
# ufw status

References:

Hello Dajhorn,

I did all the settings. But I get the error message
“Invalid interface clause for route rule”.
Did I forget something?

This is a command syntax error. Check the ufw man page for instructions and examples.

Also note that any rules rules for zt* interfaces must be applied after zerotier-one is running, which means that you might need to adjust some systemd unit files.

This kind of network configuration will be frustrating if you copypasta instead of understanding the tools.

Hi,

I understand . I tried to understans the tools, but there is not much documentation.
And if this is not working for Zerotier, should it not forward to the camera , if I request it from a computer within the class-C network to the dietpi when I use port 9555 ?
Never mind.
I have to test it step by step.