[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: nat help!

David Panofsky a écrit :
In one of your posts you mentioned that the web server is not directly connected to the internet. That caused me to think about it's routing configuration... Does this server ( have a route to get back to the NAT box (

It's a little more complicated. The serveur must have a route to the *client* address *via* the NAT box.

But again, without more detail from Luis, all we can do is speculate endlessly.

Another possible problem that you may be having is due to how you're accessing the NATed service. Are your trying to access it from a third computer on the other side of the NAT box, or from that box itself? I know it can be tricky to get a packet originating from the NAT server itself to be properly processed by the iptables rules.

It's not that tricky, you just need to copy the DNAT rule in the OUTPUT chain. And of course you need a Linux kernel version >= 2.4.19, and for versions < 2.4.29, it must have been compiled with the option CONFIG_IP_NF_NAT_LOCAL enabled.

PS : Could people posting on this list cut unnecessary quote in their replies, and avoid HTML ? Thanks.

Reply to: