List: netfilter
Subject: 2 nat'd routes; is this correct?
From: "Matt" <matt () warezstein ! com>
Date: 2000-07-27 16:44:48
If somebody could clarify that this is correct, I would very much
appreciate it. I have a NAT box with 3 NICs.
- my internal network is 172.16.40.0
- external network I need to reach is 172.20.176.0. They are reaching some
of my inside services through NAT
- external network #2 is 192.168.163.0. They are also reaching some of my
inside services through NAT
Obviously, when I go out to the 172.20.176.0 network, I want it to seem as
originating from 172.20.176.2 (NIC on the Linux box), and the same for
network #2; when I go out to 192.168.163.0, I want to seem like it's coming
from 192.168.163.2.
Is the following all I need? Is this very insecure or?
my nic config in the linux machine
- 172.16.40.11 eth0
- 172.20.176.3 eth1
- 192.168.163.2 eth2
# rc.nat script
# alias addresses on the external NICs, used as DNAT targets below
ifconfig eth1:2 172.20.176.2 netmask 255.255.255.0
ifconfig eth1:4 172.20.176.4 netmask 255.255.255.0
ifconfig eth2:3 192.168.163.3 netmask 255.255.255.0
# source NAT for everything leaving through each external NIC
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE
# destination NAT: all TCP to an alias address goes to the matching inside host
iptables -A PREROUTING -t nat -p tcp -d 172.20.176.2 -j DNAT --to 172.16.40.2
iptables -A PREROUTING -t nat -p tcp -d 172.20.176.4 -j DNAT --to 172.16.40.4
iptables -A PREROUTING -t nat -p tcp -d 192.168.163.3 -j DNAT --to 172.16.40.3
thanks a bunch
matt
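
An added example, not part of the original post: a dry-run generator that prints a tightened form of the rc.nat rules above. MASQUERADE takes the outgoing interface's primary address (172.20.176.3 on eth1 per the posted NIC config), so this version pins the source with SNAT, binds each DNAT to its ingress interface and one port, and sets FORWARD to default-deny. Assumptions: TCP port 80 stands in for the unnamed inside services, and the inside network is taken to be a /24.

```shell
#!/bin/sh
# Added example: prints iptables commands for review; it does not apply them.
# Addresses and interfaces come from the post. Port 80 and the /24 inside
# mask are assumptions made for illustration.

# ext_if  ext_ip         inside_ip    tcp_port(assumed)
MAPPINGS='
eth1 172.20.176.2  172.16.40.2 80
eth1 172.20.176.4  172.16.40.4 80
eth2 192.168.163.3 172.16.40.3 80
'
# Source address wanted on each external interface, as stated in the post.
SNATS='
eth1 172.20.176.2
eth2 192.168.163.2
'
INSIDE_IF=eth0
INSIDE_NET=172.16.40.0/24

gen_rules() {
    # Default-deny forwarding; allow replies and inside-initiated traffic.
    echo "iptables -P FORWARD DROP"
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A FORWARD -i $INSIDE_IF -s $INSIDE_NET -j ACCEPT"

    # Fixed source address per egress interface instead of MASQUERADE.
    echo "$SNATS" | while read -r ifc src; do
        [ -n "$ifc" ] || continue
        echo "iptables -t nat -A POSTROUTING -o $ifc -s $INSIDE_NET -j SNAT --to-source $src"
    done

    # One DNAT per published service, tied to ingress interface and port.
    # FORWARD sees the packet after DNAT, so it matches the inside address.
    echo "$MAPPINGS" | while read -r ifc ext in_ip port; do
        [ -n "$ifc" ] || continue
        echo "iptables -t nat -A PREROUTING -i $ifc -p tcp -d $ext --dport $port -j DNAT --to-destination $in_ip"
        echo "iptables -A FORWARD -i $ifc -o $INSIDE_IF -p tcp -d $in_ip --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
}

gen_rules
```

Review the printed rules before piping them to a root shell; nothing is forwarded between eth1 and eth2 under this policy.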