Re: iptables

Subject: Re: iptables
From: pete (pete@linuxfreemail.com)
Date: Mon Aug 27 2001 - 17:55:30 MDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Charles E. Vavra: "Linux Online - App: Astaro Security Linux"
• Previous message: Murias O'Ceallagh: "Re: Darwin Streaming Server 3.01 running on YDL"
• In reply to: Murias O'Ceallagh: "iptables"
• Reply: pete: "Re: iptables"

Murias, here's what springs to mind: first, you're going to have to dedicate
one of those 4 real IP's to being the public side of your NAT network
(actually "dedicate" is probably the wrong word, since you could always use
it for other stuff in addition)

Then you'd just want to set up iptables rules specifying both incoming
interface AND destination/source IP (meaning the IP address you've chosen to
masquerade with)

My favorite resource for iptables docs is Rusty's Remarkably Unreliable
Guides: <http://netfilter.samba.org/unreliable-guides/>

I'm pretty sure it has a section called "but what if all I need to do is
masquerade?" which should be pretty relevant.

Good luck!

- pete -
--------

> From: "Murias O'Ceallagh" <linux@dragonsblood.net>
> Reply-To: yellowdog-general@lists.yellowdoglinux.com
> Date: Mon, 27 Aug 2001 13:15:20 -0700
> To: <yellowdog-general@lists.yellowdoglinux.com>
> Subject: iptables
>
> *This message was transferred with a trial version of CommuniGate(tm) Pro*
> Hello,
>
> ok, there is a great chance that I could just be overly frustrated and
> thus not reading documantation properly. (loosely translated being an
> idiot..) I have been fighting with my server now for a spell. And would
> really like to just know if something is possible, maybe a little added
> help if available.
>
> Here is the situation;
> I have two NIC in my machine, kernel reads them just fine.
> On one card I have setup 4 (real) static ip addresses.
> All are doing things as they should.
> On the other card I wanted to place a private IP address and set it up
> for IP Masquerading for an internal network.
> Unfortunately, I have not been able to get this to work as of yet.
>
> To me this sounds like it should be possible, yet I can see where it
> might not be. I really do not think that I am the only one that is
> wanting/attempting something like this. Most of the docs I have found in
> regards to iptables does not cover any special cases if one is ip
> aliasing.
>
> Just knowing if this is possible, and maybe a direction to documentation,
> would be groovey. ;)
>
> Gracias in advance.
> Murias
>

• Next message: Charles E. Vavra: "Linux Online - App: Astaro Security Linux"
• Previous message: Murias O'Ceallagh: "Re: Darwin Streaming Server 3.01 running on YDL"
• In reply to: Murias O'Ceallagh: "iptables"
• Reply: pete: "Re: iptables"

This archive was generated by hypermail 2a24 : Mon Aug 27 2001 - 17:03:46 MDT