HELP ON LINUX-2.2.4 and IPROUTE2 AGAIN

Post by Sylvain FAVR » Sat, 24 Apr 1999 04:00:00



Has anyone improved fast NAT on more than two interfaces?

I am trying to do static NAT on the Internet. I have two private networks, one
DMZ, and one Internet access.

When I define the NAT rule, I have one problem:

When packets come from the DMZ, they are translated for all
interfaces, but I only want translation on the Internet interface. But when
packets are going to the DMZ, only Internet packets are translated.

I tried two definitions:

ip rule add from XX.XX.XX.XX nat YY.YY.YY.YY table main
ip route add nat YY.YY.YY.YY via XX.XX.XX.XX table local

or

ip rule add dev eth0 from XX.XX.XX.XX nat YY.YY.YY.YY table main
ip route add nat YY.YY.YY.YY via XX.XX.XX.XX table local

where XX.XX.XX.XX is my address on the DMZ and YY.YY.YY.YY is my address
on the Internet.

Can someone help me?
