Re: nat help!

To: debian-firewall@lists.debian.org
Subject: Re: nat help!
From: itachi@cnt.uo.edu.cu
Date: Wed, 5 Apr 2006 07:04:00 -0400 (CDT)
Message-id: <[🔎] 3840.10.30.142.3.1144235040.squirrel@mail.cnt.uo.edu.cu>
In-reply-to: <49950560604050753tcc7beb3o4de91fbd61369627@mail.gmail.com>
References: <[🔎] 3670.10.30.142.3.1144232172.squirrel@mail.cnt.uo.edu.cu> <49950560604050753tcc7beb3o4de91fbd61369627@mail.gmail.com>

well

i added the rule to my iptables
but
nothing happends

thi thing is
i have 2 servers

10.30.142.12 internet access

10.30.143.1 no internet access however on the port 80 is running a webpage

now i want to set a rule on the iptables

to the users who access to the ip 10.30.142.12 on port 80
open the web on the internal ip = 10.30.143.1 :80

i guess thats the rule but nothing happends

check my iptables table
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
DROP       icmp -- !10.30.142.3          0.0.0.0/0

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

there is nothing about 10.30.143.1
:(



> iptables --table nat --append POSTROUTING --source 10.30.142.12 -p tcp
> --dport 80 --jump SNAT --to-source 10.30.143.1
>
> This is 'Source Network Address Translation' and I guess this is what
> you want. You should be more specific in the future about what you
> want to achieve.
>
> On 4/5/06, itachi@cnt.uo.edu.cu <itachi@cnt.uo.edu.cu> wrote:
>> hello list
>> im trying to nat some address here but nothing happeds
>> check this rule
>> what is wrong in there=?
>>
>> iptables -P INPUT ACCEPT
>> iptables -P OUTPUT ACCEPT
>> iptables -P FORWARD ACCEPT
>> iptables -t nat -P PREROUTING ACCEPT
>> iptables -t nat -P POSTROUTING ACCEPT
>>
>> ## Empezamos a filtrar
>> ## Nota: eth0 es el interfaz conectado al router y eth1 a la LAN
>> # El localhost se deja (por ejemplo conexiones locales a mysql)
>> /sbin/iptables -A INPUT -i lo -j ACCEPT
>>
>> iptables -t nat -A PREROUTING --dst 10.30.142.12 -p tcp --dport 80 -j
>> DNAT
>> \--to-destination 10.30.143.1
>>
>> echo 1 > /proc/sys/net/ipv4/ip_forward
>>
>>
>> thats all on my iptables config
>>
>> what i have to add to make that rule work
>> or i have something wrong in there?
>


-------------------------------------------------
                           Luis A. Rondon Paz
    L I N U X       .~.    Admin intranet CNT
   The  Choice      /V\    icq #132736035
    of a GNU       /( )\   itachi@cnt.uo.edu.cu
   Generation      ^^-^^    Santiago de cuba
                   UONET







           ###########
         ###############
       ####           ####
-   ,$$P'               ###
- ',$$P       ,-***      ###
- `d$$'     ,##    *     ###
-  $$P      ##     *     ###
-  $$:      ##   -      ###
-  $$;      ###       ###
-  Y$$.    `   #######
-  `$$b      "-.__
-   `Y$$b
-    `Y$$.
-      `$$b.
-        `Y$$b.
-          `"Y$b._
-------------------------------------------------

Reply to:

References:
- nat help!
  - From: itachi@cnt.uo.edu.cu

Prev by Date: Re: nat help!
Next by Date: Re: nat help!
Previous by thread: Re: nat help!
Next by thread: Re: nat help!
Index(es):
- Date
- Thread