Re: icmp echo reply && FORWARD chain

On Sunday 02 May 2004 4:29 pm, Jee J.Z. wrote:

> Hi Antony,
>
> Sorry for the confusion.
>
> > > My rules on a gateway linux box (PC2) are set as follows:
> > >
> > > Internet (PC1 and so on)
> > >   |
> > >   |
> > > (eth0:global_ip)
> > > PC2
> > > (eth1:192.168.0.1)
> > >   |
> > >   |
> > > Internal networks (PC3 (192.168.0.2) and so on...)
> > >
> > > iptables -F
> > > iptables -F -t nat
> > > iptables -I FORWARD -j QUEUE
> > > iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to global_ip
> > > iptables -t nat -A PREROUTING -i eth1 -j DNAT --to 192.168.0.2
> >
> > That is a weird-looking rule.   Where does IP 192.168.0.2 exist on the
> > above diagram?
>
> It's the internal IP of PC3. I modified the diagram a little bit. Thank you.

I modified it a bit too, so we don't have problems with line-wrap.

So, what you're saying is that any packet coming in on eth1, addressed to 
anywhere at all, gets DNATted, and sent straight back out eth1 again, now 
addressed to PC3.   Hm.

Why?

Antony.

PS: I'm not sure if the sig below (which gets selected at random by my mail 
client) is appropriate here, however I can't see it doing any harm to remind 
people :)

-- 
90% of networking problems are routing problems.
9 of the remaining 10% are routing problems in the other direction.
The remaining 1% might be something else, but check the routing anyway.

                                                     Please reply to the list;
                                                           please don't CC me.
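The rule Antony is questioning binds a catch-all DNAT to the internal interface, so every packet arriving on eth1 is rewritten to 192.168.0.2 regardless of where it was going. The following is an added example, not part of the thread or of any netfilter tool: a small POSIX sh lint that reads an `iptables-save -t nat` style dump and flags PREROUTING DNAT rules that are either bound to the internal interface or carry no destination restriction (no `-d` and no `--dport`). The dump below is constructed from the ruleset posted in the thread; 198.51.100.1 is a placeholder for "global_ip", and the second, narrower DNAT rule (on eth0, tcp/80) is an assumed example of the shape a port forward usually takes, included only for comparison.

```shell
#!/bin/sh
# Added example: lint an iptables-save style nat table dump for overly broad
# PREROUTING DNAT rules. Not from the original thread or from netfilter.

# Constructed sample resembling `iptables-save -t nat` output for the rules
# posted in the thread. 198.51.100.1 stands in for "global_ip"; the tcp/80
# rule is an assumed, narrower rule added for comparison.
SAMPLE_DUMP='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i eth1 -j DNAT --to-destination 192.168.0.2
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.2:80
-A POSTROUTING -o eth0 -j SNAT --to-source 198.51.100.1
COMMIT'

# broad_dnat_rules INTERNAL_IF  (dump on stdin)
# Prints every PREROUTING DNAT rule that is bound to the internal interface
# (traffic from the LAN should not be redirected wholesale) or that matches
# any destination at all (no -d and no --dport).
broad_dnat_rules() {
    internal_if="$1"
    awk -v inif="$internal_if" '
        /^-A PREROUTING / && / -j DNAT/ {
            bound_internal = ($0 ~ ("-i " inif "( |$)"))
            restricted = ($0 ~ / -d / || $0 ~ / --dport /)
            if (bound_internal || !restricted) print
        }'
}

# count_broad_dnat INTERNAL_IF  (dump on stdin)
# Number of flagged rules, as a bare integer.
count_broad_dnat() {
    broad_dnat_rules "$1" | wc -l | tr -d ' '
}

# Stand-alone usage: check the constructed dump with eth1 as the LAN side.
# Against a live box this would be:  iptables-save -t nat | broad_dnat_rules eth1
printf '%s\n' "$SAMPLE_DUMP" | broad_dnat_rules eth1
```

Run against the constructed dump with eth1 as the internal interface, only the `-i eth1 -j DNAT` line from the thread is reported; the tcp/80 forward on eth0 passes because it restricts the destination port. Flagged rules are the ones to reconsider: bind the DNAT to the interface the traffic actually arrives on, and narrow it with `-p`/`--dport` (and `-d` where the box has several addresses).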