Re: NAT and a public IP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



В Срд, 15/04/2009 в 11:46 -0500, sgmayo@xxxxxxxxxxxxxxxxxxxxxxxxx пишет:
> I have my machines on a private network that are then NATed to one of my
> public IPs.
> 
> i.e.
> IPTABLES -t nat -A POSTROUTING -o eth0 -j SNAT --to-source $Public_IP
> 
> Every once in a bit I need to do something with a public IP other than the
> one that is SNATed.  I usually just plug the machine into the public side
> of the switch and let it have a public IP.
> 
> I was just curious if there was a way that I could stick the public IP
> machine inside my private network and have my IPTABLEs route anything
> coming from ETH1 (my private network card) with a public IP that is within
> my public IP range, to just go on to the outside world without getting
> SNATed.
> 
> In othewords if I put public ip xx.xx.xx.xx in a windows machine and stuck
> it in my private network then it would still have public ip xx.xx.xx.xx
> instead of $Public_IP (from the above SNAT) when it came out of my box.

I would do that like this:

iptables -t nat -A POSTROUTING -o ext_if -s $Privat_IP2 -j SNAT
--to-source $Public_IP2
iptables -t nat -A PREROUTING -i ext_if -d $Public_IP2 -j DNAT
--to-destination $Privat_IP2

-- 
Покотиленко Костик <casper@xxxxxxxxxxxx>

--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux