Thanks for the reply,

On Thursday 20 May 2004 14:30, Antony Stone wrote:

[ SNIP ]

[INTRANET 10.0.0.0/24]-------------+
                                   +--[ROUTER]--(NET)
[DMZ SERVER A - 192.168.0.2]----+
[DMZ SERVER B - 192.168.0.3]----+

Each DMZ server is mapped to its PUBLIC IP. For example:

151.8.47.A ----> 192.168.0.2
151.8.47.B ----> 192.168.0.3

[...]

> It's the reply packets which are the problem.
>
> http://www.netfilter.org/documentation/HOWTO/NAT-HOWTO-10.html

I've read that manual but it's not so clear. It says to do a:

# iptables -t nat -A POSTROUTING -d 192.168.1.1 -s 192.168.1.0/24 \
    -p tcp --dport 80 -j SNAT --to 192.168.1.250

but I can't understand what it says for 192.168.1.250.

As in my config, I've written down that rule:

$IPTABLES -t nat -A POSTROUTING -d 151.8.47.B -s 192.168.0.0/24 -p tcp -j SNAT --to 192.168.0.1

...where 192.168.0.1 is the DMZ interface of ROUTER.

It doesn't work. Where's the error?

Thanks.

Oz

--
Children are natural mimics who act like their parents despite every effort
to teach them good manners.
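
Added example (not part of the original message): a toy Python model of the packet path for the setup described above, showing why the reply packets are the problem and which destination address a nat POSTROUTING rule actually sees. It assumes the 1:1 mappings are DNAT rules applied in PREROUTING; the function names and the simplified conntrack step are illustrative, and 151.8.47.B is the post's own placeholder address.

```python
# Toy model of the netfilter NAT path; it does not call iptables.
import ipaddress
from dataclasses import dataclass, replace

PUBLIC_B = "151.8.47.B"      # placeholder public address, as written in the post
SERVER_A = "192.168.0.2"
SERVER_B = "192.168.0.3"
ROUTER_DMZ = "192.168.0.1"   # DMZ interface of the router
DMZ_NET = ipaddress.ip_network("192.168.0.0/24")


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str


def prerouting_dnat(pkt):
    """nat/PREROUTING (assumed): public address rewritten to the DMZ host."""
    return replace(pkt, dst=SERVER_B) if pkt.dst == PUBLIC_B else pkt


def postrouting_snat(pkt, match_dst):
    """nat/POSTROUTING: -s 192.168.0.0/24 -d match_dst -j SNAT --to router.
    The destination compared here is the one left by PREROUTING."""
    if ipaddress.ip_address(pkt.src) in DMZ_NET and pkt.dst == match_dst:
        return replace(pkt, src=ROUTER_DMZ)
    return pkt


def client_accepts_reply(match_dst):
    """Server A connects to B's public IP; does B's reply fit A's connection?"""
    request = Packet(src=SERVER_A, dst=PUBLIC_B)
    at_b = postrouting_snat(prerouting_dnat(request), match_dst)
    reply = Packet(src=SERVER_B, dst=at_b.src)
    if reply.dst == ROUTER_DMZ:
        # Reply passes through the router; connection tracking undoes both NATs.
        reply = Packet(src=PUBLIC_B, dst=SERVER_A)
    # A only accepts a reply coming from the address it connected to.
    return reply.dst == SERVER_A and reply.src == request.dst


if __name__ == "__main__":
    print("SNAT rule with -d", PUBLIC_B, "->", client_accepts_reply(PUBLIC_B))
    print("SNAT rule with -d", SERVER_B, "->", client_accepts_reply(SERVER_B))
```

In this model the rule matching on the public address never fires, so B answers A directly from 192.168.0.3 and A discards the reply; matching on the post-DNAT address sends the reply back through the router.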