Re: IPTABLES and NATTING

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi

Sorry I have some changes in my question as I am confused initially.

                     linuxbox (p.q.r.t)
                            |
                            |
INTERNAL  ------ ABCD ----- INTERNET
 (p.q.r.s)                               (m.n.o.k)

ABCD has 3 interfaces connected to linuxbox, INTERNAL N/W, INTERNET.

I am able to ping from INTERNAL to linuxbox. So there is a path
available in routing table.

At present I am snatting the packets from linuxbox to INTERNET at
ABCD. I have a small doubt regarding the FTP from linuxbox since I
have to support ftp from linuxbox to both INTERNAL N/W as well as in
INTERNET.

How can I right a rule in iptables present in ABCD where it can decide
if the destination ip-address of ftp server is within INTERNAL N/W or
in INTERNET and do natting accordingly.

On 12/23/09, Pieter Smit <mlist2010@xxxxxxxxxxx> wrote:
> Can the internal network ping the Linux box ? (is the routing working)
>
> On Wed, Dec 23, 2009 at 6:21 AM, Ajith Adapa <adapa.ajith@xxxxxxxxx> wrote:
> > Hi
> >
> > Below is my network setup.
> >
> >                       linuxbox
> >                            |
> >                            |
> >  INTERNAL  ------ ABCD ----- INTERNET
> > (p.q.r.s)                               (m.n.o.k)
> >
> > ABCD has 3 N/W interfaces connected to linuxbox, INTERNAL N/W, INTERNET.
> >
> > Linuxbox has a private-address and it is not in the same subnet as
> > INTERNAL N/W. I have to do snat packets from linuxbox to INTERNAL N/W
> > or to INTERNET at ABCD.
> >
> > I have a small doubt regarding the FTP from linuxbox since I have to
> > support ftp from linuxbox to both INTERNAL N/W as well as INTERNET.
> >
> > How can I right a rule in iptables present in ABCD where it can decide
> > if the destination ip-address of ftp server is within INTERNAL N/W or
> > in INTERNET and do natting accordingly.
> >
> > --
> > Thanks,
> >
> > Ajith
> > ---------------------------------------------
> > www.codingfreak.blogspot.com
> > --
> > To unsubscribe from this list: send the line "unsubscribe netfilter" in
> > the body of a message to majordomo@xxxxxxxxxxxxxxx
> > More majordomo info at  http://vger.kernel.org/majordomo-info.html
> >
>


-- 
Thanks & Regards

Ajith
---------------------------------------------
www.codingfreak.blogspot.com
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux