On Thu, 07.10.2004 at 12:21, Hans du Plooy wrote:
> Hi guys,
> I need to drop a box in between two public services (windows boxen), that will
> route traffic between the two. They *can* see each other directly, but are
> not allowed to (for reasons beyond my control). So far so good, except for
> one thing. It looks like this:
> A (win) ----------------------- B (lin) ------------------------ C (win)
Put A and C on different subnets.
Let B do the routing between the subnets.
Use NAT (network address translation) in order to make A believe it is
talking to C. Do whatever you please with the traffic on B (e.g. port
forwarding to C).
> What should happen is that A will contact B (on B's IP) thinking that it is
> the windows PC. And vice-versa. C will contact B (on B's IP) thinking it is
> A. So NATing both ways. Any traffic arriving at A sent from C will look to
> A as if it's coming from B, and vice versa. I hope that's clear enough.
> B has two interfaces, and I have no access to A or C - can't change anything
> on them. Let's say the IPs are:
> A = 220.127.116.11
> B = 18.104.22.168 and 22.214.171.124
> C = 126.96.36.199
> I've been reading loads of iptables docs, most of Rusty Russell's stuff too but
> it's confusing me more. From what he writes it almost looks like I'll need
> more than one machine in between, which is also out of the question (rackspace
> costs money).
> Any suggestions will be appreciated!
> Kind regards
> Hans du Plooy
> Newington Consulting Services
> hansdp at newingtoncs dot co dot za
Expert for information processing systems and applications, publicly
appointed and sworn in by the Bremen Chamber of Commerce
Intranet Engineering GmbH Fahrenheitstr. 1, D-28359 Bremen
Tel: +49-421-2208-171 E-Mail: email@example.com
web: www.intranet-engineering.de www.sv.lueters.de
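
The setup described in the reply above (B routes between the two subnets and NATs in both directions), as an added example that is not part of the original thread. The addresses are constructed documentation addresses, which of B's interfaces faces A is an assumption, and the default-drop FORWARD policy is an addition so that B forwards only A<->C traffic.

```shell
#!/bin/sh
# Added example: print the iptables rules for two-way NAT on the middle box B.
# Dry run only: nothing is applied, the commands are written to stdout.

# Return 0 if $1 is a dotted-quad IPv4 address with every octet in 0-255.
# Rejecting anything else keeps shell metacharacters out of commands that
# will later run as root.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|.*|*.|*..*|"") return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# $1 = A, $2 = B's address on A's subnet, $3 = B's address on C's subnet, $4 = C
# DNAT (PREROUTING) redirects traffic addressed to B on to the far host;
# SNAT (POSTROUTING) rewrites the source so the far host sees only B.
# Reply packets are translated back automatically by connection tracking.
nat_rules() {
    [ "$#" -eq 4 ] || { echo "usage: nat_rules A B_A B_C C" >&2; return 1; }
    for ip in "$@"; do
        is_ipv4 "$ip" || { echo "bad address: $ip" >&2; return 1; }
    done
    a=$1 b_a=$2 b_c=$3 c=$4
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING  -s $a -d $b_a -j DNAT --to-destination $c
iptables -t nat -A POSTROUTING -s $a -d $c -j SNAT --to-source $b_c
iptables -t nat -A PREROUTING  -s $c -d $b_c -j DNAT --to-destination $a
iptables -t nat -A POSTROUTING -s $c -d $a -j SNAT --to-source $b_a
iptables -P FORWARD DROP
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -s $a -d $c -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -s $c -d $a -m conntrack --ctstate NEW -j ACCEPT
EOF
}

# Constructed sample: A and C on different subnets, B with one leg in each.
nat_rules 192.0.2.10 192.0.2.1 198.51.100.1 198.51.100.10
```

Review the printed commands, then pipe them to `sh` as root on B to apply them.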