
Re: NAT iptables routing issue



-----Here my NAT is working

----------------------------------------------------------------------------
#POSTROUTING
iptables -t filter -N POSTROUTING
# Uncomment the next line to log the results
#iptables -t filter -A POSTROUTING -j LOG

iptables -t nat -A POSTROUTING -o eth0 -s localhost -j MASQUERADE
iptables -X -t nat

#PREROUTING
iptables -t filter -N PREROUTING
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 80 -j DNAT --to ip_target

----------------------------------------------------------------------------
Have Fun !

----- Original Message ----- 
From: "Caveman" <biocorporation-1@optusnet.com.au>
To: <debian-firewall@lists.debian.org>
Sent: Thursday, July 08, 2004 2:13 PM
Subject: NAT iptables routing issue


> Hi all,
>
> I have a slight problem I am not sure how to get around.
> Firstly let me draw you a picture. I have computer 'A' which is directly
> connected to the internet and is the ONLY computer to have an internet IP.
> It routes (via NAT) traffic from clients on the LAN to the internet etc.
>
> Now on box 'B' I have a webserver running and I have forwarded (using
> prerouting) port 80 to box 'B''s LOCAL IP. This works fine for people outside
> my network (i.e., the internet) but I can't access the webserver by using the
> internet IP from the LAN. It's never been a big issue, but I have finally
> decided that I need to work out how to fix this.
>
> Any ideas? The code below is my NAT and prerouting stuff I have set up. I know
> that the postrouting rule I have now is what's causing the issue, but I am
> unsure as to how I should get around this.
>
>
> Thanks.
>
> Caveman
>
> -----------------------------------
> #NOTE eth0 is connected to the internet, eth1 is lan.
> # flush any old rules
> $IPTABLES -F -t nat
> # turn on POSTROUTING
> $IPTABLES -A POSTROUTING -t nat -o eth0 -j MASQUERADE
> #forward port 80 from INTERNET IP connections to 192.168.0.2 port 80
> $IPTABLES -t nat -A PREROUTING -p tcp -i eth0 --dport 80 -j DNAT --to 10.1.1.2:80
> ------------------------------------------------------------
>
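
The case raised in the original message (LAN clients reaching the web server through the router's Internet address) is commonly handled with two extra nat rules on the LAN interface: a DNAT and a matching source rewrite. The script below is an added example, not part of either message; `hairpin_rules` and `is_ipv4` are hypothetical helper names, and the public address 203.0.113.10 and prefix 10.1.1.0/24 are constructed placeholders.

```sh
#!/bin/sh
# Added example, not from the thread. eth1 and 10.1.1.2:80 come from the
# quoted rules; the public address and LAN prefix are constructed values.

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0..255.
is_ipv4() {
    case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# hairpin_rules PUBLIC_IP LAN_CIDR SERVER_IP PORT LAN_IF
# Validates every argument, then prints two nat-table rules without applying
# them. Returns 2 on bad input, so unchecked text never reaches a root shell.
hairpin_rules() {
    pub=$1; lan=$2; srv=$3; port=$4; lan_if=$5
    is_ipv4 "$pub" && is_ipv4 "${lan%/*}" && is_ipv4 "$srv" ||
        { echo "hairpin_rules: bad address" >&2; return 2; }
    case "${lan#*/}" in ''|*[!0-9]*|???*) prefix=99 ;; *) prefix=${lan#*/} ;; esac
    case "$port" in ''|*[!0-9]*|??????*) port=0 ;; esac
    case "$lan_if" in *[!A-Za-z0-9._-]*) lan_if= ;; esac
    [ "$prefix" -le 32 ] && [ "$port" -ge 1 ] && [ "$port" -le 65535 ] &&
        [ -n "$lan_if" ] ||
        { echo "hairpin_rules: bad prefix, port or interface" >&2; return 2; }
    # Rule 1: a LAN client connecting to the public address is sent to the
    # internal server, the same as a connection arriving on eth0.
    echo "iptables -t nat -A PREROUTING -i $lan_if -d $pub -p tcp" \
         "--dport $port -j DNAT --to-destination $srv:$port"
    # Rule 2: give those connections the router's LAN address as source, so
    # the server answers via the router rather than directly to the client
    # (a direct reply comes from the server, not the address the client dialled).
    echo "iptables -t nat -A POSTROUTING -o $lan_if -s $lan -d $srv -p tcp" \
         "--dport $port -j MASQUERADE"
}

# Constructed sample call; 203.0.113.10 is a documentation address.
hairpin_rules 203.0.113.10 10.1.1.0/24 10.1.1.2 80 eth1
```

The router's FORWARD chain must also accept traffic that enters and leaves on eth1, and the web server's access log will show the router's LAN address for these connections rather than the real client.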


