[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Iptable NAT problem

Hello Peter and Daniel

On Mon, 2004-08-09 at 20:26, deb list wrote:
> iptables -t nat -A PREROUTING -i eth0 -d 203.94.71.36 \
> 		-j DNAT --to-destination 192.168.1.4
> > 
> > iptables -t filter -A FORWARD -d 203.94.71.36 ... -j ACCEPT
> and after the DNAT, the destination is re-written to 192.168.1.4
> so it would need to be..
>   iptables -t filter -A FORWARD -i eth0 -d 192.168.1.4 -j ACCEPT
Non of these worked :-o
Nothing wrong in your rules though. According to my ISP, I have to put a
route entry in my internet router (IBM 2210) to listen to "203.94.71.36"
ip.
To verify this, I put a prerouting rule to nat 192.168.1.4 to my
firewall's ip. Rule is like this,

iptables -t nat -A PREROUTING -i eth0 -d 203.94.71.42 -j DNAT
--to-destination 192.168.1.4

And a post routing like,

iptables -t nat -A POSTROUTING -s 192.168.1.4 -o eth0 -j SNAT
--to-source 203.94.71.45

And it worked :-)

I don't want to play with my internet router (since it will effect to my
whole network). Is there anyway of doing this?
Or is this the only way I can do?

Thanks for the help!

Pradeeper
Reply to: