match nth

match nth

[Pedro Drimel Neto]

Hi all,

I'm using the module nth... and I know that is support only --packet 
0 --packet 1 and --packet 2 what means that I can use only 3 IP with it... 
right ?

If I add a network card (-o eth1) could I use more IP's ?

Regards... 

Re: match nth

[vikrant]

Pedro Drimel Neto wrote:

> Hi all,
>
> I'm using the module nth... and I know that is support only --packet 0
--packet 1 and --packet 2 what means that I can use only 3 IP with it...
right ?
>
> If I add a network card (-o eth1) could I use more IP's ?
>
> Regards...
>
>
>

Please read the docs carefully:-
http://netfilter.org/projects/patch-o-matic/pom-base.html#pom-base-nth

If u want to add more IP's then what u have to do  just increase the
--every value .
for example:-

iptables -t nat -A POSTROUTING -o eth0 -m nth --counter 7 --every 5 \
--packet 0 -j SNAT --to-source 10.0.0.5
iptables -t nat -A POSTROUTING -o eth0 -m nth --counter 7 --every 5 \
--packet 1 -j SNAT --to-source 10.0.0.6
iptables -t nat -A POSTROUTING -o eth0 -m nth --counter 7 --every 5 \
--packet 2 -j SNAT --to-source 10.0.0.7
iptables -t nat -A POSTROUTING -o eth0 -m nth --counter 7 --every 5 \
--packet 3 -j SNAT --to-source 10.0.0.8
iptables -t nat -A POSTROUTING -o eth0 -m nth --counter 7 --every 5 \
--packet 4 -j SNAT --to-source 10.0.0.9

i think there is no need to add more interface card.
Please correct me if i am wrong.

Thanks
Vikrant

match nth

[Pedro Drimel Neto]

Hi all,

I'm using nth on my linux box to do a simple load balancing, I need to use 
some different IPs to connect to another server (like a "bridge", the 
clients connect on linux box and them connect to the server) this is needed 
because the "server" understand the use of license by IP.

So, I'm using nth with --packet 0, 1 and 2 what means 3 different IP (one 
interface with two logics)

I added other interface like eth1 but I don't know how to do nth match with 
more IPs (like six).

These are the rules:

#ifconfig eth0 10.0.0.1 netmask 255.255.255.0
#ifconfig eth0:0 10.0.0.2 netmask 255.255.255.0
#ifconfig eth0:1 10.0.0.3 netmask 255.255.255.0

#iptables -t nat -A POSTROUTING -o eth0 -d 10.0.0.9 -m nth --counter 
7 --every 3 --packet 0 -j SNAT --to-source 10.0.0.1
#iptables -t nat -A POSTROUTING -o eth0 -d 10.0.0.9 -m nth --counter 
7 --every 3 --packet 1 -j SNAT --to-source 10.0.0.2
#iptables -t nat -A POSTROUTING -o eth0 -d 10.0.0.9 -m nth --counter 
7 --every 3 --packet 2 -j SNAT --to-source 10.0.0.3

It's OK but when I try with eth1 only the IPs of eth0 is funcional

#ifconfig eth1 10.0.0.4 netmask 255.255.255.0
#ifconfig eth1:0 10.0.0.5 netmask 255.255.255.0
#ifconfig eth1:1 10.0.0.6 netmask 255.255.255.0

#iptables -t nat -A POSTROUTING -o eth1 -d 10.0.0.9 -m nth --counter 
7 --every 3 --packet 0 -j SNAT --to-source 10.0.0.4
#iptables -t nat -A POSTROUTING -o eth1 -d 10.0.0.9 -m nth --counter 
7 --every 3 --packet 1 -j SNAT --to-source 10.0.0.5
#iptables -t nat -A POSTROUTING -o eth1 -d 10.0.0.9 -m nth --counter 
7 --every 3 --packet 2 -j SNAT --to-source 10.0.0.6


Sorry for my bad english...

Any ideas? Thanks.

Best Regards.