IP forwarding
Stuart Sears
stuart at sjsears.com
Mon Sep 13 22:43:12 UTC 2004
On Monday 13 September 2004 23:25, menonrr at adelphia.net wrote:
> Hello,
>
> The mailing list friends helped me to enable IP forwarding on my Redhat 9
> gateway with the rule:
>
> "iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to-source 172.16.3.10"
>
> This rule forwards the traffic from the internal network (172.16.4.0/24) to
> the outside.
Not precisely - it actually does source NAT, changing the source address in
the header of all outgoing packets to 172.16.3.10 (providing that they are
leaving your machine via the eth1 interface).
IP forwarding depends on the contents of /proc/sys/net/ipv4/ip_forward
1 is on , 0 is off
to make this a permanent setting, you would edit /etc/sysctl.conf.
(which should already contain a line to do this).
> Problem:
>
> But I feel that the internal IPs are being forwarded with the IP address of
> the external NIC of the gateway.
>
> It would be helpful if I could have a way to keep the internal IP address
> (172.16.4.0)as it is without being substituted with the gateways IP
> address(172.16.3.10). This is because I want the external users to see the
> internal machines(172.16.4.0 network) as it is.
I take it the external machines can route to this internal network - ie they
have a route set to it via your RH9 gateway?
Stuart
--
Stuart Sears RHCE, RHCX
--
You can't learn too soon that the most useful thing about a principle
is that it can always be sacrificed to expediency.
-- W. Somerset Maugham, "The Circle"
More information about the redhat-list
mailing list