Re: Iptables proxy to a different network

Andrus, Mr. Brian (Contractor) wrote:

In the diagram:
System A: Client
System B: Proxy
System C: Server
[...]
+---------------+
|   System A    |
+-------+-------+
       |
{===============}
{    Internet   }
{===============}
       |
+---------------+        +---A.B.C.x-----+
|    Router     +--------|   System B    +
+-------+-------+        +---------------+
       |
+-------+-------+
|   System C    |
+---X.Y.Z.x-----+

If you have the following rule in system B's nat table:

-A PREROUTING -p tcp --dport 80 -j DNAT --to ip_C

you just need to add the following rule:

-A POSTROUTING -d ip_C -p tcp --dport 80 -j SNAT --to ip_B

System C will see ip_B as the client address and will send the replies back to it, so system B can put back the original addresses.

I suppose you are aware that the router would be a much better place to do the DNAT than system B. Actually you would not need system B. I am not sure I understand the purpose of this setup.
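
Added example (not part of the original message): a toy Python model of the two rules on System B, showing how the reply is translated back when the SNAT rule is present and how, without it, System C answers the client directly from an address the client never contacted. The addresses, source port 40000 and the names ProxyNat and round_trip are constructed for illustration; this is not netfilter code.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport")

# Constructed documentation addresses (RFC 5737), standing in for ip_A/ip_B/ip_C.
IP_A = "198.51.100.10"   # System A, client
IP_B = "192.0.2.20"      # System B, proxy
IP_C = "203.0.113.30"    # System C, server


class ProxyNat:
    """Toy connection tracker for System B: one entry per flow, keyed by
    the expected reply tuple so that replies can be translated back."""

    def __init__(self, snat):
        self.snat = snat
        self.table = {}  # expected reply tuple -> original request

    def forward(self, pkt):
        # PREROUTING: -p tcp --dport 80 -j DNAT --to ip_C
        out = pkt._replace(dst=IP_C) if pkt.dport == 80 else pkt
        # POSTROUTING: -d ip_C -p tcp --dport 80 -j SNAT --to ip_B
        # (the model keeps the source port; real NAT may pick another one)
        if self.snat and out.dst == IP_C and out.dport == 80:
            out = out._replace(src=IP_B)
        self.table[Packet(out.dst, out.dport, out.src, out.sport)] = pkt
        return out

    def reverse(self, reply):
        # Only a reply that reaches B and matches an entry is rewritten.
        orig = self.table.get(reply)
        if orig is None:
            return None
        return Packet(orig.dst, orig.dport, orig.src, orig.sport)


def round_trip(snat):
    """Return (packet that reaches A, whether the reply crossed B)."""
    nat = ProxyNat(snat)
    request = Packet(IP_A, 40000, IP_B, 80)      # A connects to B:80
    at_c = nat.forward(request)                  # what System C receives
    reply = Packet(at_c.dst, at_c.dport, at_c.src, at_c.sport)
    if reply.dst == IP_B:                        # C answers B, B un-NATs it
        return nat.reverse(reply), True
    return reply, False                          # C answers A via the router
```

With the SNAT rule the client receives its reply from ip_B port 80, which matches the connection it opened. System C then sees only ip_B as the client, so its access logs no longer carry the original client address.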


