Re: is it possible to nat to the routed IP?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, December 12, 2006 07:34, Zhen Zhou wrote:
> Hi all,
>
>
> one example network looks like:

[ASCII image skipped)

> So is it possible to nat from 210.153.22.y to 192.168.2.208?
> If possible, how to do it

The gateway must have a route for 192.168.2.x set to 192.168.5.202.
The default gateway for the router must be 192.168.5.201.
The default gateway for 192.168.2.208 must be 192.168.3.254.

Packet arrives at 210.153.22.y.
Packet is DNAT-ed to 192.168.2.208.
Gateway sends packet to 192.168.5.202.
Router at 192.168.5.202 routes packet to 192.168.2.208.

Example, http:

$ipt -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
$ipt -A FORWARD -m state --state NEW -d 192.168.2.208 \
  -p tcp --dport 80 -j ACCEPT

$ipt -t nat -A PREROUTING -d 210.153.22.y -p tcp --dport 80 \
  -j DNAT --to 192.168.2.208


Grts,
Rob
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux