Sanjay Darisi wrote:
> I'm not good at Iptables in Linux. I am trying to configure one-to-one
> NAT on my Linux gateway, unsuccessful so far. How do I do that?? Here is
> the scenario
>
> eth2 - External interface
> eth0 - Internal interface
>
> Let's say I want to route (NAT) a virtual IP of 67.155.x.x to
> 192.168.1.10 for smtp service (in fact for all services). How do I do
> that using iptables??
>
> Thanks a lot,
> Sanjay.

You're not alone with iptables. It can be somewhat intricate. This is a question very few people could answer offhand.

For learning the iptables nitty gritty, http://netfilter.org is the home page for iptables. It contains FAQs, HOWTOs, and Tutorials.

For front-end tools that make iptables more user (and admin) friendly, check out FireStarter at http://www.fs-security.com/ and/or Firewall Builder at http://www.fwbuilder.org. If you go this route, please let us know how you liked the tool(s).

In an attempt to answer your question, the command:

    iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth2 -j MASQUERADE

would masquerade your entire private LAN (all 192.168.1.0/24 addresses) behind the IP address of the eth2 device. For a single private IP address (one-to-one), simply specify the address (e.g. 192.168.1.10). Why you'd want to do that though is beyond me.

HTH

--
-Eric 'shubes'

"There is no such thing as the People; it is a collectivist myth. There are only individual citizens with individual wills and individual purposes."
-William E. Simon (1927-2000), Secretary of the Treasury (1974-1977)
"A Time For Truth" (1978), pg. 237

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
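
An added example, not part of the original thread and not written by either poster: a shell function that prints, without applying, an iptables rule set expressing the one-to-one mapping from the question as a DNAT/SNAT pair, with the FORWARD chain limited to SMTP. The address 203.0.113.10 is a constructed placeholder for the elided 67.155.x.x; the function names and the FORWARD policy are assumptions.

```shell
#!/bin/sh
# Added example: prints (does not apply) iptables rules for one 1:1 NAT mapping.
# 203.0.113.10 is a constructed placeholder for the elided 67.155.x.x address.
# Assumes the public IP is already routed to, or aliased on, the external interface.

# valid_ipv4 ADDR: succeeds only for a dotted quad with each octet in 0..255
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input holds only digits and dots here
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# one_to_one_nat EXT_IF EXT_IP INT_IP: prints the rule set, fails on bad input
one_to_one_nat() {
    ext_if=$1; ext_ip=$2; int_ip=$3
    valid_ipv4 "$ext_ip" && valid_ipv4 "$int_ip" || return 1
    # refuse interface names that could smuggle shell syntax into the output
    case "$ext_if" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    cat <<EOF
# inbound: packets for the public IP are rewritten to the internal host
iptables -t nat -A PREROUTING -i $ext_if -d $ext_ip -j DNAT --to-destination $int_ip
# outbound: the internal host always leaves with that same public IP
iptables -t nat -A POSTROUTING -o $ext_if -s $int_ip -j SNAT --to-source $ext_ip
# NAT is not a filter: admit only new SMTP connections plus reply traffic
iptables -A FORWARD -i $ext_if -d $int_ip -p tcp --dport 25 -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $ext_if -d $int_ip -j DROP
EOF
}

# Interfaces and internal address as given in the question above
one_to_one_nat eth2 203.0.113.10 192.168.1.10
```

Review the printed rules before running them as root; widening the mapping to all services means replacing the single `--dport 25` rule with explicit rules for each port that should be reachable.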