Brigde and Firewall with linux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello all.
I have a little problem to build a solution for a customer (an hotel).
I try to explai the situation with an ascii art
--------------
|      PC        |
|    Clent       |
-------------
        |  ip     
        |
--------------
|  Firewall     |
|   Bridge      |
-------------
        |
        |
        |192.168.0.254 (example)
--------------
|  router        |
|                   |
-------------
        | Public IP              
Internet
 
Client pc have your IP address and default gateway that it's impossible to change.
Bridge/Firewall have to accept all pachets with all ip adress (no problem... it' a bridge) and have to change the ip address of all packets in order to send correctly to the router.
I build the bridge correctly (I Think) with:
brctl addbr br0
brctl stp br0 off
brctl addif br0 eth0
brctl addif br0 eth1
ifconfig eth0 0.0.0.0 up
ifconfig eth1 0.0.0.0 up
ifconfig bro 0.0.0.0 up
route add default gw 192.158.0.254
echo "1" > /proc/sys/net/ipv4/ip_forward
 
After that bridge is working.
I try to dump pachets in eth0 and eth1 and packest cross the bridge.
 
Noy I try to modify cleint packet address using SNAT
iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to 192.168.0.21 (example).
but in the second interface i view allvays the original client packets....
I mistake something but I don't know what.
I need help.
Thanks

 
Luca Scattin


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux