Re: DNS and NAT

Suzana Lojic-Skoric wrote:

iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

and everything is as described.

Yes, you are right, but the problem is that between my inside client and the NAT gateway I have a machine that drops everything that is not 10.x.x.x. I know, I know, it is insane... but my job is to find a solution for DNS in such a network.

So basically, my inside network can only route 10.x.x.x and everything else is dropped.

As /dev/rob0 pointed out, if you don't want your clients to talk with
Google directly, use proxies.


I'll check out the proxy idea. Thanks for your input.

Suzana

You could use a proxy, but this would not solve your problem of 'have a machine that drops everything that is not 10.x.x.x' ... even with a proxy you would need at least that machine to be able to access the Public Big Internet.

Maybe I missed the point ... but if you cannot access anything other than 10.x.x.x because something between the clients and the DefaultGW would drop it, I don't see any escape other than configuring the proxy on your NAT device, because it should have no problem accessing the public Internet.

Bye
Francesco

