[LARTC] DNAT rare problem...

Linux Advanced Routing and Traffic Control


Hi!

I have the following network:

                        inet
                          |
                          |
                          | 20.5.90.194/26
                          | 20.5.90.195/26
                ---------------------
                |        eth0       |
                |                   |
                |  internet gateway |
                |                   |
                |        eth1       |
                ---------------------
                          | 192.168.100.254/24
                          | 192.168.210.254/24
                          |
       +------------------+-----+----------------+
       |                        |                |
       | 192.168.100.1/24       | 192.168.210.1  | 
       |                        |                |192.168.210.2
--------------          +------------+       +--------+
|   eth0     |          |   host 1   |       | host 2 |
| SENDMAIL   |          +------------+       +--------+
--------------
                        

The internet gateway runs Linux 2.4.21 with iptables 1.2.8.
On eth0, it has two public IPs:
        20.5.90.194/26
        20.5.90.195/26

Since I can't route the above public IPs, and I need to run
a Sendmail server that is visible from the internet, I have made
a DNAT rule (and some SNAT rules too, in order to provide
internet access to the LAN).

# iptables -L -t nat -n  

gives me the following:

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DNAT       all  --  0.0.0.0/0            200.5.90.195       to:192.168.100.1
ACCEPT     all  --  192.168.100.1        0.0.0.0/0
ACCEPT     all  --  192.168.210.1        0.0.0.0/0
ACCEPT     all  --  192.168.210.2        0.0.0.0/0
DROP       all  --  0.0.0.0/0            0.0.0.0/0

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            192.168.100.0/24
SNAT       all  --  192.168.100.1        0.0.0.0/0          to:20.5.90.195
SNAT       all  --  192.168.210.1        0.0.0.0/0          to:20.5.90.194
SNAT       all  --  192.168.210.2        0.0.0.0/0          to:20.5.90.194


Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

