Jason Opperisano wrote: > On Thu, Jan 06, 2005 at 12:14:16AM +0800, edwardspl@xxxxxxxxxx wrote: > > Dear All, > > > > Is there a sample ( nat scripts ) for the title ? > > EXT_IF="eth0" > INT_IF="eth1" > SRV1="10.1.1.10" > > iptables -t nat -A PREROUTING -i $EXT_IF -p tcp --dport 80 \ > ?-j DNAT --to-destination $SRV1 I want to know why needn't to define the original IP ( Public IP ) ? eg : iptables -t nat -A PREROUTING -i $EXT_IF -p tcp -s 202.175.xxx.xxx --dport 80 \ ?-j DNAT --to-destination 192.168.xxx.xxx Sorry, what useful about the following function ( command line ) ? > iptables -A FORWARD -i $EXT_IF -o $INT_IF -p tcp --syn -d $SRV1 \ > ?--dport 80 -j ACCEPT In additional, if I want to setup a NAT ( 192.168.101.0/24 ) with a Server machines ( 192.168.100.1 ) behind Firewall... So, is there more than one sample ( nat scripts ) for reference ? Edward.
