Cool :0) Thanks. Anyone know how I would draw this in fwbuilder?. This scenario confuses me. :0( Thanks a lot. Best regards, Svavar O -----Original Message----- From: netfilter-admin@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx] On Behalf Of Gavin Hamill Sent: 7. júlí 2004 12:07 To: netfilter@xxxxxxxxxxxxxxxxxxx Subject: Re: DNAT to another Network? On Wednesday 07 July 2004 12:51, Svavar Örn Eysteinsson wrote: > Hi everybody. > > I have one question about DNAT. > > I have a computer foo.com on an ipaddress xxx.xxx.xxx.xxx > > Is there any way for me to DNAT all traffic with destination to foo.com > to another server out-of-town, e.g. computer foobar.com with > zzz.zzz.zzz.zzz that > is not on my public network.? Yes, basically using Computer A to be an IP-level proxy. Note that the source address as seen by Computer B will always be that of Computer A. If this is not a problem, you can use: $IPTABLES -t nat -A PREROUTING -p tcp --dport 80 -d xxx.xxx.xxx.xxx -j DNAT --to zzz.zzz.zzz.zzz $IPTABLES -A FORWARD -p tcp --dport 80 -d xxx.xxx.xxx.xxx j ACCEPT $IPTABLES -t nat -A POSTROUTING -p tcp --dport 80 -d zzz.zzz.zzz.zzz -j SNAT --to xxx.xxx.xxx.xxx Drop the '--dport 80' bits if you want all traffic, not just HTTP to be proxied. Cheers, Gavin.
BEGIN:VCARD VERSION:2.1 N:Eysteinsson;Svavar;Örn FN:Svavar Örn Eysteinsson (svavar@xxxxxxxx) - Fíton ehf ORG:Fíton ehf;IT TITLE:Kerfisstjóri / System Administrator TEL;WORK;VOICE:5953600 TEL;CELL;VOICE:8621624 TEL;WORK;FAX:5953649 ADR;WORK:;;Garðastræti 37;RVK;;101;Iceland LABEL;WORK;ENCODING=QUOTED-PRINTABLE:Gar=F0astr=E6ti 37=0D=0ARVK 101=0D=0AIceland URL;WORK:http://www.fiton.is EMAIL;PREF;INTERNET:svavar@xxxxxxxx REV:20040616T133518Z END:VCARD
