Redirect DHCP requests to DMZ?

Hello List!

My network layout looks like this:


    Local LAN (192.168.20.*)
          |
          |
        Switch
          |
          |
    Router/Firewall ---- DMZ (192.168.21.*)
          |
          |
          |
       Internet


Everything runs smoothly, except for one thing: I am unable to redirect DHCP requests from the clients on the local LAN to the DHCP server inside the DMZ.


So my question is: How can I accomplish this task? Is it at all possible to redirect broadcasts from one subnet to another with the help of iptables?

I tried the following rules, but they didn't work out:

$IPTABLES -A FORWARD -p UDP -i $LAN_IFACE --dport 67 --sport 68 -j ACCEPT
$IPTABLES -t nat -A PREROUTING -p UDP -i $LAN_IFACE -d 255.255.255.255 --dport 67 -j DNAT --to-destination $DMZ_DHCP_IP


I am running iptables v1.2.6a with kernel 2.4.20 on Debian GNU/Linux 3.0.

Any hint would be highly appreciated.

Thanks in advance,
Carsten.



