WAP11 host behind Netfilter Router

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Ryan Beisner" <ryanb@thedataarc.com>
To: netfilter@lists.netfilter.org
Subject: WAP11 host behind Netfilter Router
Date: Wed, 18 Sep 2002 15:44:46 -0500	[thread overview]
Message-ID: <0cee01c25f54$397d4dc0$64dc0a0a@dataarc> (raw)

[-- Attachment #1: Type: text/plain, Size: 1236 bytes --]

Hi All!

I have a Linksys WAP11 behind a high speed connection.

Currently doing simple NAT with:

    iptables -t nat -A POSTROUTING -o $extdev -j MASQUERADE
        (other rules to accept certain protocols for ssh, webmin, etc)
        and then:
    iptables -A INPUT -i $extdev -m state --state NEW,INVALID -j DROP
    iptables -A FORWARD -i $extdev -m state --state NEW,INVALID -j DROP
        as a simple block to unwanted traffic on an already protected ext. network

Here's the scenario:

    INT (eth0) IP Range ( 192.168.168.1 class C )
    EXT (eth1) IP Range also private ( 10.20.0.3 class B )
    EXT (eth1:1) Virtual IP is 10.20.0.4

I want to map everything from Virt IP (Eth1:1) 10.20.0.4 (all ports) to internal 192.168.168.178 (the Linksys WAP 11).  FYI this is for remote management of my access point.

Where in the world do I start? All help is appreciated in advance.

Here was my first attempt, which did not work.  I explicitly allow all traffic in/out/fwd for 10.20.0.4 to make sure I wasn't kicking myself here.  Still no go.  Suggestions?

    ""iptables -A PREROUTING -t nat -d 10.20.0.4 -j DNAT --to 192.168.168.178""

-Ryan Beisner

ryanb -at-nosp@m- thedataarc () com

[-- Attachment #2: Type: text/html, Size: 2927 bytes --]

next             reply	other threads:[~2002-09-18 20:44 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-09-18 20:44 Ryan Beisner [this message]
2002-09-18 21:20 ` WAP11 host behind Netfilter Router Antony Stone
  -- strict thread matches above, loose matches on Subject: below --
2002-09-18 20:58 Ryan Beisner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='0cee01c25f54$397d4dc0$64dc0a0a@dataarc' \
    --to=ryanb@thedataarc.com \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.