On Wed, Jul 07, 2004 at 11:51:02AM -0000, Svavar ?rn Eysteinsson wrote: > Hi everybody. > > I have one question about DNAT. > > I have a computer foo.com on an ipaddress xxx.xxx.xxx.xxx > > Is there any way for me to DNAT all traffic with destination to foo.com > to another server out-of-town, e.g. computer foobar.com with zzz.zzz.zzz.zzz > that > is not on my public network.? > > > > Diagram : (showing where the traffic should go) > > > Traffic with destination to Computer A > > INTERNET(ISP nr1) -------INTERNET(ISP nr2) > | | | > | | | > Network A | Network B > | | | > | | | > Firewall | Computer B (final destination) > | |-----| > ->Computer A > you can do iptables -t nat -I POSTROUTING -j -d foo.com DNAT --to-destination xxx.xxx.xxx.xxx the only problem is if the machine xxx.xxx.xxx.xxx can talk to the originator with talking to the machine nat'ing, then you need an SNAT rule as well. > Best regards, > > Svavar O > Reykjvik - Iceland > > >
Attachment:
signature.asc
Description: Digital signature
