Re: Using iptables to anonymize incoming IP addresses

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



andy thomas escreveu:
But, I want all the packets received by the webserver to appear to be
coming from the address 192.168.1.1, not the external public IP address
they really came from, eg the apache logs will show all page requests as
coming from 192.168.1.1. Can this be done with iptables?

   sure !!! Pretty simple.

   you'll need a DNAT rule for the 80 port forwarding

and you'll need a SNAT rule to, to make the firewall source-nat all connections 'going' to your real webserver

192.168.1.1 = your firewall
192.168.1.200 = your real web server


iptables -t nat -A POSTROUTING -p tcp --dport 80 -d 192.168.1.200 -j SNAT --to-source 192.168.1.1


--


	Atenciosamente / Sincerily,
	Leonardo Rodrigues
	Solutti Tecnologia
	http://www.solutti.com.br

	Minha armadilha de SPAM, NÃO mandem email
	gertrudes@xxxxxxxxxxxxxx
	My SPAMTRAP, do not email it




--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux