On Sun, 2012-01-01 at 17:10 +0100, Anton Melser wrote:
> I thought that the best way to go would be to set up NAT using blocks
> in the 10.0.0.0 range. So say for each external IP I would have a /24,
> giving me up to 250-odd potential internal machines. So 10.1.1.1,
> 10.1.1.2, 10.1.1.3, etc. would map to 1.1.1.1; 10.1.2.1, 10.1.2.2,
> 10.1.2.3, etc. would map to 1.1.1.2, etc.
> I have been reading as many sites as I can but I can't work out the
> best way to go forward.

So, I think I understand that you want to SNAT a complete private subnet
to a corresponding public subnet. Is the NETMAP target usable for you,
or am I misunderstanding you completely?

Something like:

iptables -t nat -A POSTROUTING -s ${private_subnet} -j NETMAP --to ${public_subnet}

(http://www.frozentux.net/iptables-tutorial/iptables-tutorial.html#NETMAPTARGET)

--
Rob
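
An added example, not part of the message above: NETMAP keeps the host bits of the source address and swaps in the network bits of the `--to` subnet, so it is a one-to-one mapping, whereas the layout in the quoted question sends a whole /24 to a single address. The sketch computes the NETMAP result and prints both rule forms; the per-/24 SNAT rules are an assumption added for comparison (nobody in the thread proposed them), and the addresses are the placeholders used in the question.

```python
import ipaddress


def netmap(addr, to_net):
    """Address NETMAP produces: network bits from to_net, host bits from addr."""
    net = ipaddress.ip_network(to_net)
    host_bits = int(ipaddress.ip_address(addr)) & int(net.hostmask)
    return str(ipaddress.ip_address(int(net.network_address) | host_bits))


def netmap_rule(private_subnet, public_subnet):
    """The rule form from the reply, with the shell variables filled in."""
    return (f"iptables -t nat -A POSTROUTING -s {private_subnet} "
            f"-j NETMAP --to {public_subnet}")


def snat_rules(first_public, count):
    """Many-to-one layout from the question (assumed SNAT form):
    10.1.N.0/24 is rewritten to the N-th public address."""
    base = ipaddress.ip_address(first_public)
    return [f"iptables -t nat -A POSTROUTING -s 10.1.{n}.0/24 "
            f"-j SNAT --to-source {base + (n - 1)}"
            for n in range(1, count + 1)]


if __name__ == "__main__":
    # With NETMAP, each internal host gets its own public address.
    for host in ("10.1.1.1", "10.1.1.2", "10.1.1.3"):
        print(host, "->", netmap(host, "1.1.1.0/24"))
    print(netmap_rule("10.1.1.0/24", "1.1.1.0/24"))
    # With one SNAT rule per /24, every host in the block shares one address.
    print("\n".join(snat_rules("1.1.1.1", 2)))
```

NETMAP therefore needs a public subnet as large as the private one, while the SNAT form needs one public address per /24.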