public IP behind NAT system

All of lore.kernel.org
 help / color / mirror / Atom feed

* public IP behind NAT system
@ 2003-10-03  6:20 Mike McLean
  2003-10-03  7:38 ` Rob Sterenborg
  2003-10-03 13:17 ` Payal Rathod
  0 siblings, 2 replies; 3+ messages in thread
From: Mike McLean @ 2003-10-03  6:20 UTC (permalink / raw)
  To: netfilter

Hi,

I have a situation where I've setup a system that has one public IP and does 
NAT for a network of computers with private IPs.  However I wish to setup a 
couple of machines behind this NAT system with public IPs like the following:

outside router --> NAT system --> other systems with public IPs.

I am wondering if this is possible and feasable with netfilter.  I don't want 
netfilter to NAT any packets sent to the public IPs that aren't on the NAT 
system.

Any help is greatly appreciated,

Mike

^ permalink raw reply	[flat|nested] 3+ messages in thread

* RE: public IP behind NAT system
  2003-10-03  6:20 public IP behind NAT system Mike McLean
@ 2003-10-03  7:38 ` Rob Sterenborg
  2003-10-03 13:17 ` Payal Rathod
  1 sibling, 0 replies; 3+ messages in thread
From: Rob Sterenborg @ 2003-10-03  7:38 UTC (permalink / raw)
  To: netfilter

> outside router --> NAT system --> other systems with public IPs.
> 
> I am wondering if this is possible and feasable with 
> netfilter.  I don't want netfilter to NAT any packets sent to 
> the public IPs that aren't on the NAT system.
> 
> Any help is greatly appreciated,

If there are only "other systems with public IPs", then I'd say there's
no need for a "NAT system". The only thing you want to do would be
filtering ?
You can just allow forwarding for IP's that you want and route the
packets through your firewall.
If you also have other systems that have private IP's then you just NAT
those IP's, in addition to the above.

Gr,
Rob

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: public IP behind NAT system
  2003-10-03  6:20 public IP behind NAT system Mike McLean
  2003-10-03  7:38 ` Rob Sterenborg
@ 2003-10-03 13:17 ` Payal Rathod
  1 sibling, 0 replies; 3+ messages in thread
From: Payal Rathod @ 2003-10-03 13:17 UTC (permalink / raw)
  To: Mike McLean; +Cc: netfilter

On Thu, Oct 02, 2003 at 11:20:10PM -0700, Mike McLean wrote:
> Hi,
> 
> I have a situation where I've setup a system that has one public IP and does 
> NAT for a network of computers with private IPs.  However I wish to setup a 
> couple of machines behind this NAT system with public IPs like the following:
> 
> 
> outside router --> NAT system --> other systems with public IPs.

Something like,
iptables -t nat -A PREROUTING -d <ext ip> -j DNAT --to <int ip>

might help.

-Payal

> 
> I am wondering if this is possible and feasable with netfilter.  I don't want 
> netfilter to NAT any packets sent to the public IPs that aren't on the NAT 
> system.
> 
> Any help is greatly appreciated,
> 
> Mike
> 
> 

-- 
"Visit GNU/Linux Success Stories"
http://payal.staticky.com
Guest-Book Section Updated.


^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2003-10-03 13:17 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-10-03  6:20 public IP behind NAT system Mike McLean
2003-10-03  7:38 ` Rob Sterenborg
2003-10-03 13:17 ` Payal Rathod

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.