On Fri, 2005-03-11 at 07:43, Dimitri Yioulos wrote:
> Hello, all.
>
> I've recently set up iptables-1.2.8-12.3 on a CentOS 3.4 (RHEL AS 3) box.
> Among other things, I've created a DMZ where my Web and mail servers live.
> My problem is that my Web and mail servers identify themselves with the NAT
> ip address that I've assigned. Here's my NAT rule:
>
> IPTABLES -t nat -A POSTROUTING -o $INET_IFACE -j SNAT --to-source $INET_IP
>
> How can I get these two servers to identify themselves by their own ip
> addresses and still provide NAT for my users?

Specify the source address so that only packets from the inside network
match the SNAT rule:

iptables -t nat -A POSTROUTING -o $INET_IFACE -s $INSIDE_NET \
    -j SNAT --to-source $INET_IP

-j

--
"The kneebone's connected to the... something. The something's connected
to the... red thing. The red thing's connected to my wrist watch... Uh oh."
--The Simpsons
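
The effect of the added -s match, as an added example that is not part of the original message: a simplified first-match model of the POSTROUTING chain, run over the unscoped rule from the question and the scoped rule from the reply. The interface name and all addresses are constructed sample values, and the DMZ server is assumed to have its own routable address.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed sample values (documentation address ranges), not from the thread.
INET_IFACE = "eth0"
INET_IP = "203.0.113.1"
INSIDE_NET = "192.168.1.0/24"


@dataclass
class SnatRule:
    out_iface: str                     # models -o
    to_source: str                     # models --to-source
    source_net: Optional[str] = None   # models -s; None means no -s match

    def matches(self, src: str, out_iface: str) -> bool:
        if out_iface != self.out_iface:
            return False
        if self.source_net is None:
            return True  # without -s, every packet leaving the interface matches
        return ipaddress.ip_address(src) in ipaddress.ip_network(self.source_net)


def postrouting(rules, src: str, out_iface: str) -> str:
    """Return the source address the packet leaves with (first match wins)."""
    for rule in rules:
        if rule.matches(src, out_iface):
            return rule.to_source
    return src  # no rule matched: the source address is left untouched


ORIGINAL = [SnatRule(INET_IFACE, INET_IP)]            # rule from the question
SCOPED = [SnatRule(INET_IFACE, INET_IP, INSIDE_NET)]  # rule from the reply


def compare(src: str, out_iface: str = INET_IFACE):
    """(source address under the original rule, under the scoped rule)."""
    return postrouting(ORIGINAL, src, out_iface), postrouting(SCOPED, src, out_iface)


if __name__ == "__main__":
    samples = [("inside user", "192.168.1.25"), ("DMZ mail server", "198.51.100.10")]
    for label, src in samples:
        before, after = compare(src)
        print(f"{label:16} {src:15} original -> {before:13} scoped -> {after}")
```
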