About Iptables and Masquerade

To: Debian Firewall <debian-firewall@lists.debian.org>
Subject: About Iptables and Masquerade
From: Inaki Martinez <security@hostalia.com>
Date: 10 Jun 2002 16:29:23 +0200
Message-id: <[🔎] 1023719363.3374.11.camel@imd>

Hello!!!


 I have a Server (Firewall) with 3 interfaces:

      | A
      |
   +--+--+
B  |     |  C
---+     +----
   |     |
   +-----+

A = External IP (Valid Internet IP) eth0
B = External IP (Another Network Valid Internet IP) eth1
C = Local IP 192.168.1.1 eth2

NOTE: Forward is active and PCs and Servers in B Network work OK.


 How do i Masquerade the C Network????

 I need to connect to internet from a PC in the C Network (192.168.1.2)
 From a PC in C Network can see PCs in B network, but no internet PCs.


 The IPTables Howto writes:


Masquerading
There is a specialized case of Source NAT called masquerading: it should
only be used for dynamically-assigned IP addresses, such as standard
dialups (for static IP addresses, use SNAT above). 


So i MUST use SNAT.... OK........


# iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to External IP (A)

 I think this is NOT correct... in my case.....


 I am a bit lost...... could any help me??????


 Thanks in advance.






-- 
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- RE: About Iptables and Masquerade
  - From: James <james@james-web.net>
- Re: About Iptables and Masquerade
  - From: Mirco Drick <curunir@daimi.au.dk>

Prev by Date: Re: private IP web server
Next by Date: RE: About Iptables and Masquerade
Previous by thread: ROUTEUR ET IDENTD
Next by thread: RE: About Iptables and Masquerade
Index(es):
- Date
- Thread