Very Computer

    First, Please forgive my poor English.
    I am need some help with NAT in linux. I am using OpenLinux 2.3
    Kernal was 2.2.10

    We have some real internet ip from ISP1. for example :
    1.2.3.4 - 1.2.3.10 (Sorry, I am using fake ip here)
    So we using ip alias at eth1
    1.2.3.4 => eth1
    1.2.3.5 => eth1:5
    1.2.3.6 => eth1:6
    ............
    1.2.3.10 => eth1:10

    we have another network card et0. and assign 192.168.1.1
    our local lan using 192.168.1.0/255.255.255.0

    We have another network card eth2 for another "ISP2"
    we also have real ip too: for example :
    4.3.2.1 - 4.3.2.10 (fake ip here again)
    so we using ip alias at eth2
    4.3.2.1 => eth2
    4.3.2.2 => eth2:2
    4.3.2.3 => eth2:3
    ........

    I have setup the route and masq. We can work fine from internal
192.168.1.0 network to access outside world of internet.

    Now I have problem to setup our www/mail/ftp server behide firewall
machine. for example . we setup an www server at 192.168.1.80

    How do I setup ipchains/ipmasqadm to allow outside world form
1.2.3.4 port 80 to 192.168.1.80 port 80 ?

    Does any know how to maping (NAT) real IP/Port into internal
IP/Port ?

    Any help will thanks.

Sent via Deja.com http://www.deja.com/
Before you buy.

I think this could do what you want.This example work for ssh
connections
(port 22)
man ipmasqadm for more informations.

#ipchains -I forward -p tcp -d clientA/32 -s hostB/32 22 -j MASQ
#ipchains -I input -p tcp -y -s clientA/32 -d 0/0 22 -m 2
#ipmasqadm mfw -I -m 2 -r hostB 22

for ftp use 21, mail 25 for smtp 110 for pop, www is 80...
but you must use this rule on your "real" interface.
I mean this won't work with aliases. (eth0:0,etc)

for you example this should work:

#ipchains -I forward -p tcp -d 1.2.3.4/32 -s 192.168.1.80/32 80 -j MASQ
#ipchains -I input -p tcp -y -s 1.2.3.4/32 -d 0/0 80 -m 2
#ipmasqadm mfw -I -m 2 -r 192.168.1.80 80

Quote:

>     First, Please forgive my poor English.
>     I am need some help with NAT in linux. I am using OpenLinux 2.3
>     Kernal was 2.2.10

>     We have some real internet ip from ISP1. for example :
>     1.2.3.4 - 1.2.3.10 (Sorry, I am using fake ip here)
>     So we using ip alias at eth1
>     1.2.3.4 => eth1
>     1.2.3.5 => eth1:5
>     1.2.3.6 => eth1:6
>     ............
>     1.2.3.10 => eth1:10

>     we have another network card et0. and assign 192.168.1.1
>     our local lan using 192.168.1.0/255.255.255.0

>     We have another network card eth2 for another "ISP2"
>     we also have real ip too: for example :
>     4.3.2.1 - 4.3.2.10 (fake ip here again)
>     so we using ip alias at eth2
>     4.3.2.1 => eth2
>     4.3.2.2 => eth2:2
>     4.3.2.3 => eth2:3
>     ........

>     I have setup the route and masq. We can work fine from internal
> 192.168.1.0 network to access outside world of internet.

>     Now I have problem to setup our www/mail/ftp server behide firewall
> machine. for example . we setup an www server at 192.168.1.80

>     How do I setup ipchains/ipmasqadm to allow outside world form
> 1.2.3.4 port 80 to 192.168.1.80 port 80 ?

>     Does any know how to maping (NAT) real IP/Port into internal
> IP/Port ?

>     Any help will thanks.

> Sent via Deja.com http://www.deja.com/
> Before you buy.

Quote:

> >     First, Please forgive my poor English.
> >     I am need some help with NAT in linux. I am using OpenLinux 2.3
> >     Kernal was 2.2.10

> >     We have some real internet ip from ISP1. for example :
> >     1.2.3.4 - 1.2.3.10 (Sorry, I am using fake ip here)
> >     So we using ip alias at eth1
> >     1.2.3.4 => eth1
> >     1.2.3.5 => eth1:5
> >     1.2.3.6 => eth1:6
> >     ............
> >     1.2.3.10 => eth1:10

> >     we have another network card et0. and assign 192.168.1.1
> >     our local lan using 192.168.1.0/255.255.255.0

> >     We have another network card eth2 for another "ISP2"
> >     we also have real ip too: for example :
> >     4.3.2.1 - 4.3.2.10 (fake ip here again)
> >     so we using ip alias at eth2
> >     4.3.2.1 => eth2
> >     4.3.2.2 => eth2:2
> >     4.3.2.3 => eth2:3
> >     ........

> >     I have setup the route and masq. We can work fine from internal
> > 192.168.1.0 network to access outside world of internet.

> >     Now I have problem to setup our www/mail/ftp server behide
firewall
> > machine. for example . we setup an www server at 192.168.1.80

> >     How do I setup ipchains/ipmasqadm to allow outside world form
> > 1.2.3.4 port 80 to 192.168.1.80 port 80 ?

> >     Does any know how to maping (NAT) real IP/Port into internal
> > IP/Port ?

> >     Any help will thanks.

> > Sent via Deja.com http://www.deja.com/
> > Before you buy.

  Hello!

  Anybody knows how can I do static NAT in linux using ipchains?

  Rodrigo

--
Posted via CNET Help.com
http://www.help.com/

yann

and download this file " nat-static-2.2.4-2.tar.gz " dated 09-Apr-99.

Try this site for very useful information...

  http://www.suse.de/~mha/HyperNews/get/linux-ip-nat.html

Hope this helps you.

Donna

Raymond

Quote:

>   Hello!

>   Anybody knows how can I do static NAT in linux using ipchains?

>   Rodrigo

> --
> Posted via CNET Help.com
> http://www.help.com/