From: Fergal Moran (fergal.moran at domain wasptech.com)
Date: Tue 29 May 2001 - 11:54:09 IST
Ok - thanks to Dave Airlie - iptables is nearly working
I have added only two rules
iptables -A PREROUTING -t nat -p tcp -d <external_nic_addr> --dport 80 -j
DNAT --to 192.168.1.6
iptables -A POSTROUTING -t nat -s <internalnetwork>/netmask -d 0/0 -j
MASQUERADE
The measquerading part works fine - however the DNAT part only half works -
if on a machine on our network I try
it correctly transalates it to the internal webserver at 192.168.1.6
however on an external machine - I get a "Page cannot be displayed" error
I can ping the external address from the outside world - so that is not the
If it is of any use - I have 2 external IP's on the external NIC - but am
Thanks for listening
Fergal.
This archive was generated by hypermail 2.1.6
: Thu 06 Feb 2003 - 13:10:29 GMT
http://
problem and the webserver will allow connections from any IP address.
only attempting DNAT on one of them eth0:0 - if I run apache on the box I
can access it using the non-DNAT'd ip address - but if I use the DNAT'd
address then I do not see the apache web site - so some form of packet
mangling is definitely happening.