On Mon, Nov 10, 2003 at 09:58:53AM +0000, Antony Stone wrote:
>
> You need two more things:
>
> 1. A FORWARDing rule to allow the traffic through:
>
> iptables -A FORWARD -p tcp --dport 25 -d 10.1.1.2 -j ACCEPT
>
> (note that this rule uses the true destination address, because the FORWARD
> chain comes after the PREROUTING chain, so the DNAT has already been done.)
>
> 2. An ARP response on the external interface so your router knows that
> 213.25.24.3 can be found there:
>
> old method:
> ifconfig eth0:1 213.25.24.3
>
> new method:
> ip addr add dev eth0 213.25.24.3
>

If I have a network routed to my linux box say 192.168.1.0/24, do I still have to add every IP on the subnet if I want to be able to use NATing for the entire subnet? Also doesn't adding 250 IP addresses to a NIC affect performance?

====
Tomas Edwardsson

>
> Antony.