On Friday 2008-04-18 11:27, Javier Prieto Martínez wrote: > Hi. > I have a linux appliance from Eneo Tech. (http://www.eneotecnologia.com/) with > the following setup: > > (192.168.1.x) 192.168.1.7 > ---- SERVER1 192.168.2.1 > [ LAN1 ] ----------- [ ROUTER ] ---------- [ APPLIANCE ] -------- [ LAN 2 ] > --------| > 192.168.2.7 192.168.2.140 > (192.168.2.x) ---- SERVER2 192.168.2.2 your ascii art is broken > The appliance has 4 ethernet cards, and a br0 bridge which includes all them. > ETH2 is connected to the router, ETH3 is connected to LAN2, and BR0 has an IP > address of LAN2. > > I've tried the following rule: > > iptables -t nat -A PREROUTING -p tcp -d 192.168.2.1 --dport 80 > --to-destination 192.168.2.2:80 -j DNAT IF you do bridge, then despite cabling being correct, you get a NAT shortcircuit: jengelh.medozas.de/images/dnat-mistake.png > 2) I have to use ebtables, as I'm using a bridge. Not always. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
