Re: Help with iptables forwarding
From: Barton L. Phillips (bartonphillips_at_sbcglobal.net)
Date: 08/16/05
- Previous message: Steve Vitale: "Re: tripwire always finds something amiss"
- In reply to: Bryan Batten: "Re: Help with iptables forwarding"
- Next in thread: Bryan Batten: "Re: Help with iptables forwarding"
- Reply: Bryan Batten: "Re: Help with iptables forwarding"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 16 Aug 2005 00:37:56 GMT
Bryan Batten wrote:
> Barton L. Phillips wrote:
>
>> ...
>> Is a dns or hosts addition the only route? Can't I somehow do it
>> via iptables and routing? Why doesn't the iptables forwarding work?
>> Is it because it all happens on the local network and doesn't leave
>> the local NIC at all?
>
>
> A DNS or hosts file is needed to resolve the names used by applications
> into IP addresses that are used by iptables (the -d and -s parameters).
>
> My understanding is the iptables does not route. It controls admission
> to the routing procedures. You may need something like:
>
>
> -A POSTROUTING -o ppp0 -j SNAT --to-source 10.64.64.64
>
>
> You might take a look at
>
> http://en.tldp.org/HOWTO/IP-Masquerade-HOWTO/firewall-examples.html
>
> for a very useful cookbook that I used for the basis of my own setup.
Well that seemed to work just fine. I added
-A POSTROUTING -o eth1 -j SNAT --to-source <my Internet IP>
Where eth1 is my local LAN. I'm not sure why that works but it does.
- Previous message: Steve Vitale: "Re: tripwire always finds something amiss"
- In reply to: Bryan Batten: "Re: Help with iptables forwarding"
- Next in thread: Bryan Batten: "Re: Help with iptables forwarding"
- Reply: Bryan Batten: "Re: Help with iptables forwarding"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
