[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: ANOTHER NAT with two NICs for two subnets



Not sure how much help I can be but I've gotten some iptables stuff to
work for me.  If you can post your iptable rules you are using that
would help to see maybe why you're not getting the results you want.

On Sun, 2003-02-02 at 16:12, Michael Brininstool wrote:
> I have followed examples in the NAT HOWTO, but have been unsuccessful,
> either with getting it to work, or with syntax errors in the iptables
> commands.  I would like to ask for help.  I have 66.111.222.24/29 outside
> and 172.16.10.0/24 inside.  I want to be able to log into the firewall
> and tell iptables to take any traffic destined for 66.111.222.28 and pass
> it through to 172.16.10.5, and any traffic destined for 66.111.222.29 to
> be passed through to 172.16.10.7.  I have 66.111.222.26 on the firewall
> right now.  I have other machines on the 172.16.10.0/24 network that
> need masquerading, and want to be able to turn this "pass-through" on
> and off at will, and want to be able to filter most ports or allow only
> some ports to be passed through.  Also, can I use this mechanism to do a
> "local-director" type of thing?  i.e. can 66.111.222.28 ports 80 & 443
> only be allowed to pass through, but be load-balanced to 172.16.10.65-70
> while ports 25, 110, & 143 for 66.111.222.28 be handled on an internal
> machine with IP of 172.16.10.33?
> 
>     INTERNET
>         |
>  +------+------+
>  |    router   |
>  |66.111.222.25|
>  +------+------+
>         |
>  +------+------+
>  |66.111.222.26|
>  |>>> RH7.3 <<<| +-----+-----+ +-----+-----+ +-----+-----+
>  |172.16.10.254| |172.16.10.1| |172.16.10.2| |172.16.10.3|
>  +-----+-------+ +-----+-----+ +-----+-----+ +-----+-----+
>        |               |             |             |
>        +-------+-------+-------------+-------------+
>        |       |       |             |             |
>  +-----+-----+ | +-----+-----+ +-----+-----+ +-----+-----+
>  |172.16.10.4| | |172.16.10.5| |172.16.10.6| |172.16.10.7|
>  +-----------+ | +-----------+ +-----------+ +-----+-----+
>                |
>        +-------+-------+-------------+--------------+
>        |       |       |             |              |
>  +-----+-----+ | +-----+-----+ +-----+------+ +-----+------+
>  |172.16.10.8| | |172.16.10.9| |172.16.10.10| |172.16.10.11|
>  +-----------+ | +-----------+ +------------+ +------------+
>                |
>        +-------+-------+--------------+--------------+
>        |       |       |              |              |
> +------+-----+ | +-----+------+ +-----+------+ +-----+------+
> |172.16.10.12| | |172.16.10.33| |172.16.10.65| |172.16.10.66|
> +------------+ | +------------+ +------------+ +------------+
>                |
>        +-------+-------+--------------+--------------+
>        |               |              |              |
> +------+-----+   +-----+------+ +-----+------+ +-----+------+
> |172.16.10.67|   |172.16.10.68| |172.16.10.69| |172.16.10.70|
> +------------+   +------------+ +------------+ +------------+
> 
> -- 
> Michael P. Brininstool                  mikepb hoplite org
> 
> 
> 
> _______________________________________________
> Valhalla-list mailing list
> Valhalla-list redhat com
> https://listman.redhat.com/mailman/listinfo/valhalla-list
> 





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]