|
Hello all.
I have a little problem to build a solution for a
customer (an hotel).
I try to explai the situation with an ascii
art
--------------
| PC | | Clent | ------------- | ip | -------------- | Firewall | | Bridge | ------------- | | |192.168.0.254 (example) -------------- | router | | | ------------- | Public IP Internet Client pc have your IP address and default gateway
that it's impossible to change.
Bridge/Firewall have to accept all pachets with all
ip adress (no problem... it' a bridge) and have to change the ip address of all
packets in order to send correctly to the router.
I build the bridge correctly (I Think)
with:
brctl addbr br0
brctl stp br0 off
brctl addif br0 eth0
brctl addif br0 eth1
ifconfig eth0 0.0.0.0 up
ifconfig eth1 0.0.0.0 up
ifconfig bro 0.0.0.0 up
route add default gw 192.158.0.254
echo "1" >
/proc/sys/net/ipv4/ip_forward
After that bridge is working.
I try to dump pachets in eth0 and eth1 and packest
cross the bridge.
Noy I try to modify cleint packet address using
SNAT
iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to
192.168.0.21 (example).
but in the second interface i view allvays the
original client packets....
I mistake something but I don't know
what.
I need help.
Thanks
Luca Scattin
|
