* How to set multi network ip forward ( prerouting )
@ 2002-11-22 7:47 Joe Yu
2002-11-25 0:24 ` Joel Newkirk
0 siblings, 1 reply; 2+ messages in thread
From: Joe Yu @ 2002-11-22 7:47 UTC (permalink / raw)
To: netfilter
Sorry Sir,
I have multi network
Net A : 10.128.0.0/255.255.0.0
Net B : 10.129.0.0/255.255.0.0
Net C : 10.129.0.0/255.255.0.0
Net D : 10.131.0.0/255.255.0.0
Net E : 10.138.0.0/255.255.0.0
Net F : 10.192.0.0/255.255.0.0
Net G : 10.192.0.0/255.255.0.0
Net H : 10.64.0.0/255.255.0.0
I want to set "iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -s -d < Net A,B,C,D,E,F,G,H > -j REDIRECT 8080
How to type multi network setting command
Thanks
Joe Yu
--
_______________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup
One click access to the Top Search Engines
http://www.exactsearchbar.com/mailcom
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: How to set multi network ip forward ( prerouting )
2002-11-22 7:47 How to set multi network ip forward ( prerouting ) Joe Yu
@ 2002-11-25 0:24 ` Joel Newkirk
0 siblings, 0 replies; 2+ messages in thread
From: Joel Newkirk @ 2002-11-25 0:24 UTC (permalink / raw)
To: Joe Yu, netfilter
On Friday 22 November 2002 02:47 am, Joe Yu wrote:
> Sorry Sir,
>
> I have multi network
> Net A : 10.128.0.0/255.255.0.0
> Net B : 10.129.0.0/255.255.0.0
> Net C : 10.129.0.0/255.255.0.0
> Net D : 10.131.0.0/255.255.0.0
> Net E : 10.138.0.0/255.255.0.0
> Net F : 10.192.0.0/255.255.0.0
> Net G : 10.192.0.0/255.255.0.0
> Net H : 10.64.0.0/255.255.0.0
>
> I want to set "iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -s
> -d < Net A,B,C,D,E,F,G,H > -j REDIRECT 8080
>
> How to type multi network setting command
Either individual rules for each subnet, or (if acceptable) a single rule
specifying 10.0.0.0/8, for instance, to catch ALL 10.x.x.x. (this presumes
that you want this redirect for ALL, or that you handle non-redirected
subnets earlier in the chain than this)
If the catch-all isn't useful for you, then set up something like this:
iptables -n httpredirect
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j subnettest
iptables -A httpredirect -s 10.128.0.0/16 -j REDIRECT 8080
iptables -A httpredirect -s 10.129.0.0/16 -j REDIRECT 8080
This will group all the subnet tests together in a separate user-defined chain
(named for it's function, for simplicity) for easier bookkeeping and access.
Anything not explicitly covered in subnettest would then return to PREROUTING
and continue through the main chain. (unless you finish the subnettest chain
with a DROP or ACCEPT or something to catch)
BTW, is it a typo, or are subnets B&C and subnets F&G really the same?
j
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2002-11-25 0:24 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-11-22 7:47 How to set multi network ip forward ( prerouting ) Joe Yu
2002-11-25 0:24 ` Joel Newkirk
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.