Greetings:
I'm in the process of building my first dedicated firewall using iptables/netfilter (v 1.2.11) on Gentoo Linux (2.6.11 kernel). I want to enable the natting of IPs, but I am having trouble getting the rules to take. Essentially, I would like to take a specific group of IPs (servers) and nat them specifically to an internal ip address. The remainder of the internal IPs (workstations - dhcp) should be natted outbound within a range of IPs.
Based on the docs on Netfilter.org and the man pages, I decided to start off with the following:
iptables -t nat -A PREROUTING -i eth0 -d 141.xxx.xxx.xxx -j DNAT --to-destination 10.xxx.xxx.xxx
But, when I try to run the command, it just hangs. After a while, I can break out of it with CTL-C.
What gives? Am I missing something?
-- Brian
