From: "James Shewey"
try:
iptables -A POSTROUTING -s 192.168.123.0/24 -d www.externaldomainname.com -j DNAT --to-source 192.168.123.161 -t nat
This will automagically fill in the destination IP for you and
redirect any traffic sent to the external IP. This works on my home
rig with FTP. Just make sure DNS is working!
Thanks James, that ended up resolving the address (via DNS) right before the
rule was inserted, which to me seems sensible and the right thing to do.
So, it does work, but when the addr changes (dhcp), the rule becomes
obsolete.
A previous response triggered me to take a closer look at the FAQs and
according to the "Destination NAT onto the same network" section of the NAT
Howto/FAQ, the following two rules should work:
# iptables -t nat -A PREROUTING -d 1.2.3.4 -p tcp --dport 80 -j DNAT --to 192.168.1.1
# iptables -t nat -A POSTROUTING -d 192.168.1.1 -s 192.168.1.0/24 -p tcp --dport 80 -j SNAT --to 192.168.1.250
However, this stuff assumes that the public address of the server is static
(1.2.3.4 in the above rules) and I am trying to make this work when the
public address is dhcp'ed.
Is there a way to make this work with dynamic IP addresses? Assume dynDNS
is at work here...
Thanks.
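
Added example, not part of the original message: one way to keep the two rules above valid when the public address changes is to hold the DNAT rule in a dedicated chain and rebuild it on each change. The chain name HAIRPIN_PRE, the state file and the runner argument are assumptions; the caller supplies the current address (for example from a DHCP client hook or a lookup of the dynDNS name).

```shell
#!/bin/sh
# Added example; chain name, state file and runner argument are assumptions.
# One-time setup (the SNAT rule never mentions the public address, so it stays static):
#   iptables -t nat -N HAIRPIN_PRE
#   iptables -t nat -A PREROUTING -j HAIRPIN_PRE
#   iptables -t nat -A POSTROUTING -d 192.168.1.1 -s 192.168.1.0/24 -p tcp --dport 80 -j SNAT --to-source 192.168.1.250
CHAIN="HAIRPIN_PRE"      # hypothetical dedicated chain
SERVER="192.168.1.1"     # internal web server, as in the thread's rules

# Accept only a dotted-quad IPv4 address. The value comes from DNS or a DHCP
# lease, so it is validated before it is placed into a command line.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the commands that rebuild the DNAT chain for one public address.
dnat_rules() {
    valid_ipv4 "$1" || { echo "refusing non-IPv4 value" >&2; return 1; }
    echo "iptables -t nat -F $CHAIN"
    echo "iptables -t nat -A $CHAIN -d $1 -p tcp --dport 80 -j DNAT --to-destination $SERVER"
}

# $1 = current public address, $2 = state file, $3 = runner: "sh" applies, "cat" is a dry run.
# Does nothing when the address equals the last one applied.
refresh_hairpin() {
    if [ -f "$2" ] && [ "$(cat "$2")" = "$1" ]; then
        return 0
    fi
    rules=$(dnat_rules "$1") || return 1
    printf '%s\n' "$rules" | "$3" || return 1
    printf '%s\n' "$1" > "$2"
}
```

Because PREROUTING only jumps to the dedicated chain, flushing it on an address change leaves every other NAT rule untouched.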