This may sound strange but have you tried. echo 1 > /proc/sys/net/ipv4/ip_forward With out setting this to 1 your machine will not forward any request. But since I can't not make out specifically what you are asking I really can't help more that suggesting you check the above. > No with this the conecction DEAD! > > i supouse when have NAT lose de gateway is this possible? because when > apply the rules the connection to internet from 192.168.1.33 lost. > > its very rare no? > > If anyone have another idea please send me!!!! :( > > > >> > I send this question again if is possible to anyone help me. or if >> is possble. >> > >> > > Hi, Me AGAIN and my iptables problem.! :( >> > > >> > > again description my net and my problem. >> > > >> > > Have a 200.40.226.64 /28 net *public NET >> > > have a 192.168.1.0 /24 net *private NET >> > > >> > > have a 200.40.226.66 server running iptables * Is the gateway >> > > >> > > have a VoIp box THIS is the PROBLEM. >> > > i need to put behind the firewall and have the address >> 192.168.1.33 but i need to outside with 200.40.226.69 and received >> external requirements with this ip but iptables not function for >> me. i Put this lines but dont work i need Route? or something >> else??? >> > > >> > > iptables -t nat -A POSTROUTING -s 192.168.1.33/255.255.255.255 -o >> eth0 -j SNAT --to 200.40.226.70 >> > > >> > > iptables -t nat -A PREROUTING -s 200.40.226.70/255.255.255.255 -i >> eth0 -j DNAT --to 192.168.1.33 >> > > >> >> I've only set up NAT once, so I'm not sure if I can help you, but here >> goes: >> >> Have you set up forwarding? On my setup I had to make sure that >> traffic from the computer behind the firewall was forwarded. I would >> try something like this on your setup: >> >> # Forwarding ALL traffic from your internal lan on the ethernet device >> # $LAN_IFACE: Or you could do something similar to the line accepting >> traffic # from 200.40.226.70. >> $IPTABLES -A FORWARD -i $LAN_IFACE -j ACCEPT >> >> $IPTABLES -A FORWARD -s 200.40.226.70 -d 192.168.1.33 -j ACCEPT >> >> # Accepting forwarded traffic started by >> $IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT >> >> # Then >> >> iptables -t nat -A POSTROUTING -s 192.168.1.33 -o eth0 -j SNAT >> --to-source \ 200.40.226.70 >> iptables -t nat -A PREROUTING -i eth0 -d 200.40.226.70 -j DNAT \ >> --to-destination 192.168.1.33 >> >> # You could probably be a bit more restrictive than the above lines. >> >> -- >> Øystein Olsen, oystein.olsen@astro.uio.no, http://folk.uio.no/oeysteio >> Institute of Theoretical Astrophysics, http://www.astro.uio.no >> University of Oslo, Norway >> >> >> >> -- >> Psyche-list mailing list >> Psyche-list@redhat.com >> https://listman.redhat.com/mailman/listinfo/psyche-list > ---end quoted text--- > > -- > > Pablo Allietti > > LACNIC > > Registro de Direcciones de Internet para America Latina y el Caribe > Registro de Enderecamento de Internet para America Latina e Caribe Latin > American and Caribbean Internet Addresses Registry > > Potosi 1517 Montevideo - Uruguay > Tel. +598 2 6015846 // 6062822 Fax: 6015599 > > > > -- > Psyche-list mailing list > Psyche-list@redhat.com > https://listman.redhat.com/mailman/listinfo/psyche-list -- Psyche-list mailing list Psyche-list@redhat.com https://listman.redhat.com/mailman/listinfo/psyche-list
