thank'z Manish! But i dont understant what you mean here:
In ur scenario u will require only PREROUTING rule, but if want to access internet behind ur friewall, then need the POSTROUTING rule also. Choice is URs.
If i want that my servers access internet? On 6/1/06, manish Jamwal <manish.jamwal@xxxxxxxxx> wrote:
Hi When the server's r behind the firewall, u only need PREROUTING rule with target as DNAT. The POSTROUTING rule is required when ur traffic will be outwards, means u access the server's which are on ur WAN side. In ur scenario u will require only PREROUTING rule, but if want to access internet behind ur friewall, then need the POSTROUTING rule also. Choice is URs. This information is as per my knowledge. :) Manish On 6/1/06, Stephan Higuti <higuti.sam@xxxxxxxxx> wrote: > Hello guys.... > I have a question about PREROUTING and POSTROUTING. > I'm making a new firewall script..... > In this script, i put some PREROUTING rules , ex: > > ####################### Apache ########################## > iptables -t nat -A PREROUTING -d 200.xxx.yyy.zzz -p tcp --dport 80 -j > DNAT --to-destination 192.168.23.7:80 > > But i need to put some POSTROUTING rules to this? > My situation: My firewall will reply for 4 differents Ip's (reals) , > one for apache , other for e-mail server, etc............ > This PREROUTING rule get a pack that come from internet to a IP "x" , > and i want that all that incoming to this ip , to be forward to my > internal ip. > So , i think that PREROUTING rules its right... but i dont if i need > to create a POSTROUTING for this..... > Waiting Help.... > > p.s.:* Sorry for my bad, bad english =D > > Cheers > > -- > --------------------------------------------------------------------- > Stephan Higuti > MSN: higutisam@xxxxxxxxxxx > Email: higuti@xxxxxxxxxx > --------------------------------------------------------------------- > >
-- --------------------------------------------------------------------- Stephan Higuti MSN: higutisam@xxxxxxxxxxx Email: higuti@xxxxxxxxxx Técnico em Informática Adm servidores Linux FAI - Faculdades Adamantinenses Integradas ---------------------------------------------------------------------
