According to the RFC 3330 the address range 10.0.0.0 - 10.255.255.255 is a private adress range. Jorge Dávila. 2009/7/23 Wilbert J. Rojas O. <sysadmin@xxxxxxxxxxxx>: > Thanks but i have only one internet provider. I was trying with SNAT and > DNAT but i failed with this rules: > > iptables -t nat -A PREROUTING -p all -d 200.9.190.25 -i eth0 -j DNAT --to > 10.24.54.96 > iptables -t nat -A POSTROUTING -p all -d 10.24.54.96 -o eth0 -j SNAT --to > 200.9.190.25 > > from mail server enter in my web browser this URL http://www.cualesmiip.com/ > and always get out to INTERNET through 200.9.190.20 and not through > 200.9.190.25. > > Any idea ?? > > Regards > > ================================ > Ing. Wilbert José Rojas Ochoa. > Administrador de Sistemas > Ideay ~ Equipos y Sistemas. > Managua, Nicaragua. > Telf. +(505) 2277-4000 Ext: 115. > Fax +(505) 2277-4411. > USA: +(305) 735-8364. > Cel. +(505) 8883-2877. > ================================ > > > > Jorge Dávila escribió: >> >> Good morning, >> >> You need acomplish something similar to this >> >> http://lartc.org/lartc.html#LARTC.RPDB.MULTIPLE-LINKS >> >> Best regards, >> >> Jorge Dávila. >> >> On Thu, Jul 23, 2009 at 11:02 AM, Wilbert J. Rojas >> O.<sysadmin@xxxxxxxxxxxx> wrote: >> >>> >>> Hello, >>> >>> My Network configuration is that: >>> >>> >>> ISP >>> | >>> | >>> | >>> | *eth0 200.9.190.20* *eth0:1* 200.9.190.21 *eth0:2* 200.9.190.23 >>> *eth0:3* >>> 200.9.190.24 *eth0:4* 200.9.190.25 >>> LINUX BOX >>> | *eth1 10.24.54.1/32* >>> | >>> | >>> LAN 10.24.54.0/24 gw 10.24.54.1 >>> | >>> | >>> MAIL SERVER 10.54.24.96/32 gw 10.24.54.1 >>> >>> >>> >>> All machines to get out to INTERNET through my LINUX BOX included my MAIL >>> SERVER but i want that MAIL SERVER to get out to INTERNET with IP Public >>> Address different like 200.9.190.25 and my all rest network get out >>> through >>> 200.9.190.20 >>> >>> The rules i have applied like this but i don't know how to do that: >>> >>> /sbin/iptables -t nat -A PREROUTING -i eth1 -s 10.24.54.0/255.255.255.0 >>> -d >>> 0/0 -p tcp --dport 80 -j REDIRECT --to-port 8080 >>> /sbin/iptables -t nat -A PREROUTING -i eth1 -s 10.24.54.0/255.255.255.0 >>> -d >>> 0/0 -p tcp --dport 8080 -j REDIRECT --to-port 8080 >>> >>> /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE >>> >>> /sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d 200.9.190.20 >>> --dport >>> 25 -j DNAT --to-destination 10.24.54.96:25 >>> /sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d 200.9.190.20 >>> --dport >>> 110 -j DNAT --to-destination 10.24.54.96:110 >>> /sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d 200.9.190.20 >>> --dport >>> 143 -j DNAT --to-destination 10.24.54.96:143 >>> >>> >>> Any help or suggestions ?? >>> >>> Regards. >>> >>> >>> >>> ================================ >>> Ing. Wilbert José Rojas Ochoa. >>> Administrador de Sistemas >>> Ideay ~ Equipos y Sistemas. >>> Managua, Nicaragua. >>> Telf. +(505) 2277-4000 Ext: 115. >>> Fax +(505) 2277-4411. >>> USA: +(305) 735-8364. >>> Cel. +(505) 8883-2877. >>> ================================ >>> >>> >>> >>> -- >>> ================================ >>> Ing. Wilbert José Rojas Ochoa. >>> Administrador de Sistemas >>> Ideay ~ Equipos y Sistemas. >>> Managua, Nicaragua. >>> Telf. +(505) 2277-4000 Ext: 115. >>> Fax +(505) 2277-4411. >>> USA: +(305) 735-8364. >>> Cel. +(505) 8883-2877. >>> ================================ >>> >>> -- >>> To unsubscribe from this list: send the line "unsubscribe netfilter" in >>> the body of a message to majordomo@xxxxxxxxxxxxxxx >>> More majordomo info at http://vger.kernel.org/majordomo-info.html >>> >>> >> >> >> >> > -- Jorge Isaac Dávila López +505 8430 5462 jorgedavilalopez@xxxxxxxxx --- Esta tierra es Linux. En las noches calladas puede escucharse a las máquinas Windows re-iniciándose... -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
