[olug] iptables behind router

John Dickson jman at neonramp.com
Tue Sep 14 02:47:18 UTC 2004


Multihome comp A with an additional, different net and assign an IP on the new net to comp B.

comp A = 10.10.10.254 and 192.168.1.254
comp B = 192.168.1.3

Config DNS

Just guessing....

John

"Daniel Linder" <dan at linder.org> wrote ..
> William E. Kempf said:
> > However... I'd like to be able to have [comp A]
> > forward some ports to [comp B].
> 
> Jeff gave one solution, here is another possible solution.
> 
> The IPTables feature has a "Destination Network Address Translation"
> feature (DNAT) which re-writes the destination of each IP packet to
> another address when it comes in.  When it goes back out, the IPTables
> un-does the translation and replaces the (now) source address with what
> the machine on the outside expects.
> 
> Example:
> 
> 
> CompX---{internet}---{Cablemodem}-{router}--+---[CompA]
>                                             +---[CompB]
> 
> On Computer A, you would use a line like this:
> iptables -t nat -A PREROUTING -i eth0 -p tcp -d <CompA_Addr> --dport <CompA_port> \
>   -j DNAT --to-destination <CompB_Addr>:<CompB_port>
> 
> Just make sure that Computer B has its route to the Internet set to point
> back through CompA so CompA can un-do the DNAT...
> 
> I think this should work... :)
> 
> Dan
> 
> - - - - -
> "I do not fear computer,
> I fear the lack of them."
>  -- Isaac Asimov
> 
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> http://lists.olug.org/mailman/listinfo/olug
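
Added example (not part of either post): a dry-run shell helper that prints the rules CompA would need for the DNAT forward described in the quoted message, using the addresses from John's reply. The interface name eth0, the ports 8080 and 80, and the function names are assumptions. It goes beyond the single PREROUTING rule by adding the matching FORWARD accepts and an optional SNAT rule for the case where CompB's default route does not point back through CompA.

```shell
#!/bin/sh
# Prints (does not apply) the iptables commands for one TCP port forward.
# Assumed layout: CompA eth0 = 10.10.10.254 (router side), CompB = 192.168.1.3.

# Accept only decimal ports in 1..65535 so a typo cannot produce a broad rule.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# forward_rules IN_IF IN_ADDR IN_PORT DST_ADDR DST_PORT [SNAT_ADDR]
forward_rules() {
    in_if=$1 in_addr=$2 in_port=$3 dst_addr=$4 dst_port=$5 snat_addr=${6:-}
    valid_port "$in_port" && valid_port "$dst_port" || {
        echo "forward_rules: port must be 1-65535" >&2
        return 1
    }
    # CompA only passes packets between interfaces when forwarding is on.
    echo "sysctl -w net.ipv4.ip_forward=1"
    # Rewrite the destination before routing; --dport requires -p tcp/udp.
    echo "iptables -t nat -A PREROUTING -i $in_if -p tcp -d $in_addr --dport $in_port -j DNAT --to-destination $dst_addr:$dst_port"
    # After DNAT the packet is addressed to CompB, so it traverses FORWARD.
    # Allow just this port inbound and only reply traffic outbound.
    echo "iptables -A FORWARD -i $in_if -p tcp -d $dst_addr --dport $dst_port -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A FORWARD -o $in_if -p tcp -s $dst_addr --sport $dst_port -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Optional: if CompB's default route bypasses CompA, replies never get
    # un-translated. SNAT forces them back through CompA, at the cost that
    # CompB's logs then show CompA's address instead of the real client.
    if [ -n "$snat_addr" ]; then
        echo "iptables -t nat -A POSTROUTING -p tcp -d $dst_addr --dport $dst_port -j SNAT --to-source $snat_addr"
    fi
}

# Constructed sample: forward CompA:8080 to CompB:80, CompB routed via CompA.
forward_rules eth0 10.10.10.254 8080 192.168.1.3 80
```

Review the printed commands before running them as root on CompA; pass 192.168.1.254 as the sixth argument to emit the SNAT rule as well.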